LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "Whitelist packages from VPN lockdown."

Browse Source 
This reverts commit f1a610a1c2.

Reason for revert: broke pi-dev-plus-aosp

Change-Id: Iaf5c8aa4a8720eb2852da8cd91c81a77ccb92b68
This commit is contained in:
Dan Albert
2019-01-24 21:05:39 +00:00
parent f1a610a1c2
commit 45f1a24661
4 changed files with 20 additions and 186 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
core/java/android/net/ConnectivityManager.java
View File

@@ -1007,20 +1007,14 @@ public class ConnectivityManager {
* to remove an existing always-on VPN configuration. * to remove an existing always-on VPN configuration.
* @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or * @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
* {@code false} otherwise. * {@code false} otherwise.
* @param lockdownWhitelist The list of packages that are allowed to access network directly
* when VPN is in lockdown mode but is not running. Non-existent packages are ignored so
* this method must be called when a package that should be whitelisted is installed or
* uninstalled.
* @return {@code true} if the package is set as always-on VPN controller; * @return {@code true} if the package is set as always-on VPN controller;
* {@code false} otherwise. * {@code false} otherwise.
* @hide * @hide
*/ */
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage, public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage,
boolean lockdownEnabled, @Nullable List<String> lockdownWhitelist) { boolean lockdownEnabled) {
try { try {
return mService.setAlwaysOnVpnPackage( return mService.setAlwaysOnVpnPackage(userId, vpnPackage, lockdownEnabled);
userId, vpnPackage, lockdownEnabled, lockdownWhitelist);
} catch (RemoteException e) { } catch (RemoteException e) {
throw e.rethrowFromSystemServer(); throw e.rethrowFromSystemServer();
} }
@@ -1035,7 +1029,6 @@ public class ConnectivityManager {
* or {@code null} if none is set. * or {@code null} if none is set.
* @hide * @hide
*/ */
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
public String getAlwaysOnVpnPackageForUser(int userId) { public String getAlwaysOnVpnPackageForUser(int userId) {
try { try {
return mService.getAlwaysOnVpnPackage(userId); return mService.getAlwaysOnVpnPackage(userId);
@@ -1044,36 +1037,6 @@ public class ConnectivityManager {
} }
} }
/**
* @return whether always-on VPN is in lockdown mode.
*
* @hide
**/
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
public boolean isVpnLockdownEnabled(int userId) {
try {
return mService.isVpnLockdownEnabled(userId);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
/**
* @return the list of packages that are allowed to access network when always-on VPN is in
* lockdown mode but not connected. Returns {@code null} when VPN lockdown is not active.
*
* @hide
**/
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
public List<String> getVpnLockdownWhitelist(int userId) {
try {
return mService.getVpnLockdownWhitelist(userId);
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
}
}
/** /**
* Returns details about the currently active default data network * Returns details about the currently active default data network
* for a given uid. This is for internal use only to avoid spying * for a given uid. This is for internal use only to avoid spying

5
core/java/android/net/IConnectivityManager.aidl
View File

@@ -125,11 +125,8 @@ interface IConnectivityManager
boolean updateLockdownVpn(); boolean updateLockdownVpn();
boolean isAlwaysOnVpnPackageSupported(int userId, String packageName); boolean isAlwaysOnVpnPackageSupported(int userId, String packageName);
boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown, boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown);
in List<String> lockdownWhitelist);
String getAlwaysOnVpnPackage(int userId); String getAlwaysOnVpnPackage(int userId);
boolean isVpnLockdownEnabled(int userId);
List<String> getVpnLockdownWhitelist(int userId);
int checkMobileProvisioning(int suggestedTimeOutMs); int checkMobileProvisioning(int suggestedTimeOutMs);

57
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -1869,12 +1869,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
"ConnectivityService"); "ConnectivityService");
} }
private void enforceControlAlwaysOnVpnPermission() {
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.CONTROL_ALWAYS_ON_VPN,
"ConnectivityService");
}
private void enforceNetworkStackSettingsOrSetup() { private void enforceNetworkStackSettingsOrSetup() {
enforceAnyPermissionOf( enforceAnyPermissionOf(
android.Manifest.permission.NETWORK_SETTINGS, android.Manifest.permission.NETWORK_SETTINGS,
@@ -1882,12 +1876,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
android.Manifest.permission.NETWORK_STACK); android.Manifest.permission.NETWORK_STACK);
} }
private void enforceNetworkStackPermission() {
mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.NETWORK_STACK,
"ConnectivityService");
}
private boolean checkNetworkStackPermission() { private boolean checkNetworkStackPermission() {
return PERMISSION_GRANTED == mContext.checkCallingOrSelfPermission( return PERMISSION_GRANTED == mContext.checkCallingOrSelfPermission(
android.Manifest.permission.NETWORK_STACK); android.Manifest.permission.NETWORK_STACK);
@@ -4081,9 +4069,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
} }
@Override @Override
public boolean setAlwaysOnVpnPackage( public boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown) {
int userId, String packageName, boolean lockdown, List<String> lockdownWhitelist) { enforceConnectivityInternalPermission();
enforceControlAlwaysOnVpnPermission();
enforceCrossUserPermission(userId); enforceCrossUserPermission(userId);
synchronized (mVpns) { synchronized (mVpns) {
@@ -4097,11 +4084,11 @@ public class ConnectivityService extends IConnectivityManager.Stub
Slog.w(TAG, "User " + userId + " has no Vpn configuration"); Slog.w(TAG, "User " + userId + " has no Vpn configuration");
return false; return false;
} }
if (!vpn.setAlwaysOnPackage(packageName, lockdown, lockdownWhitelist)) { if (!vpn.setAlwaysOnPackage(packageName, lockdown)) {
return false; return false;
} }
if (!startAlwaysOnVpn(userId)) { if (!startAlwaysOnVpn(userId)) {
vpn.setAlwaysOnPackage(null, false, null); vpn.setAlwaysOnPackage(null, false);
return false; return false;
} }
} }
@@ -4110,7 +4097,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
@Override @Override
public String getAlwaysOnVpnPackage(int userId) { public String getAlwaysOnVpnPackage(int userId) {
enforceControlAlwaysOnVpnPermission(); enforceConnectivityInternalPermission();
enforceCrossUserPermission(userId); enforceCrossUserPermission(userId);
synchronized (mVpns) { synchronized (mVpns) {
@@ -4123,36 +4110,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
} }
} }
@Override
public boolean isVpnLockdownEnabled(int userId) {
enforceControlAlwaysOnVpnPermission();
enforceCrossUserPermission(userId);
synchronized (mVpns) {
Vpn vpn = mVpns.get(userId);
if (vpn == null) {
Slog.w(TAG, "User " + userId + " has no Vpn configuration");
return false;
}
return vpn.getLockdown();
}
}
@Override
public List<String> getVpnLockdownWhitelist(int userId) {
enforceControlAlwaysOnVpnPermission();
enforceCrossUserPermission(userId);
synchronized (mVpns) {
Vpn vpn = mVpns.get(userId);
if (vpn == null) {
Slog.w(TAG, "User " + userId + " has no Vpn configuration");
return null;
}
return vpn.getLockdownWhitelist();
}
}
@Override @Override
public int checkMobileProvisioning(int suggestedTimeOutMs) { public int checkMobileProvisioning(int suggestedTimeOutMs) {
// TODO: Remove? Any reason to trigger a provisioning check? // TODO: Remove? Any reason to trigger a provisioning check?
@@ -4382,7 +4339,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
if (TextUtils.equals(vpn.getAlwaysOnPackage(), packageName) && !isReplacing) { if (TextUtils.equals(vpn.getAlwaysOnPackage(), packageName) && !isReplacing) {
Slog.d(TAG, "Removing always-on VPN package " + packageName + " for user " Slog.d(TAG, "Removing always-on VPN package " + packageName + " for user "
+ userId); + userId);
vpn.setAlwaysOnPackage(null, false, null); vpn.setAlwaysOnPackage(null, false);
} }
} }
} }
@@ -6251,7 +6208,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
synchronized (mVpns) { synchronized (mVpns) {
final String alwaysOnPackage = getAlwaysOnVpnPackage(userId); final String alwaysOnPackage = getAlwaysOnVpnPackage(userId);
if (alwaysOnPackage != null) { if (alwaysOnPackage != null) {
setAlwaysOnVpnPackage(userId, null, false, null); setAlwaysOnVpnPackage(userId, null, false);
setVpnPackageAuthorization(alwaysOnPackage, userId, false); setVpnPackageAuthorization(alwaysOnPackage, userId, false);
} }

103
tests/net/java/com/android/server/connectivity/VpnTest.java
View File

@@ -246,17 +246,17 @@ public class VpnTest {
assertFalse(vpn.getLockdown()); assertFalse(vpn.getLockdown());
// Set always-on without lockdown. // Set always-on without lockdown.
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], false, Collections.emptyList())); assertTrue(vpn.setAlwaysOnPackage(PKGS[1], false));
assertTrue(vpn.getAlwaysOn()); assertTrue(vpn.getAlwaysOn());
assertFalse(vpn.getLockdown()); assertFalse(vpn.getLockdown());
// Set always-on with lockdown. // Set always-on with lockdown.
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], true, Collections.emptyList())); assertTrue(vpn.setAlwaysOnPackage(PKGS[1], true));
assertTrue(vpn.getAlwaysOn()); assertTrue(vpn.getAlwaysOn());
assertTrue(vpn.getLockdown()); assertTrue(vpn.getLockdown());
// Remove always-on configuration. // Remove always-on configuration.
assertTrue(vpn.setAlwaysOnPackage(null, false, Collections.emptyList())); assertTrue(vpn.setAlwaysOnPackage(null, false));
assertFalse(vpn.getAlwaysOn()); assertFalse(vpn.getAlwaysOn());
assertFalse(vpn.getLockdown()); assertFalse(vpn.getLockdown());
} }
@@ -270,11 +270,11 @@ public class VpnTest {
assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[1], user.start + PKG_UIDS[2], user.start + PKG_UIDS[3]); assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[1], user.start + PKG_UIDS[2], user.start + PKG_UIDS[3]);
// Set always-on without lockdown. // Set always-on without lockdown.
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], false, null)); assertTrue(vpn.setAlwaysOnPackage(PKGS[1], false));
assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[1], user.start + PKG_UIDS[2], user.start + PKG_UIDS[3]); assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[1], user.start + PKG_UIDS[2], user.start + PKG_UIDS[3]);
// Set always-on with lockdown. // Set always-on with lockdown.
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], true, null)); assertTrue(vpn.setAlwaysOnPackage(PKGS[1], true));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] { verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start, user.start + PKG_UIDS[1] - 1), new UidRange(user.start, user.start + PKG_UIDS[1] - 1),
new UidRange(user.start + PKG_UIDS[1] + 1, user.stop) new UidRange(user.start + PKG_UIDS[1] + 1, user.stop)
@@ -283,7 +283,7 @@ public class VpnTest {
assertUnblocked(vpn, user.start + PKG_UIDS[1]); assertUnblocked(vpn, user.start + PKG_UIDS[1]);
// Switch to another app. // Switch to another app.
assertTrue(vpn.setAlwaysOnPackage(PKGS[3], true, null)); assertTrue(vpn.setAlwaysOnPackage(PKGS[3], true));
verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] { verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] {
new UidRange(user.start, user.start + PKG_UIDS[1] - 1), new UidRange(user.start, user.start + PKG_UIDS[1] - 1),
new UidRange(user.start + PKG_UIDS[1] + 1, user.stop) new UidRange(user.start + PKG_UIDS[1] + 1, user.stop)
@@ -296,87 +296,6 @@ public class VpnTest {
assertUnblocked(vpn, user.start + PKG_UIDS[3]); assertUnblocked(vpn, user.start + PKG_UIDS[3]);
} }
@Test
public void testLockdownWhitelist() throws Exception {
final Vpn vpn = createVpn(primaryUser.id);
final UidRange user = UidRange.createForUser(primaryUser.id);
// Set always-on with lockdown and whitelist app PKGS[2] from lockdown.
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], true, Collections.singletonList(PKGS[2])));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start, user.start + PKG_UIDS[1] - 1),
new UidRange(user.start + PKG_UIDS[2] + 1, user.stop)
}));
assertBlocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[3]);
assertUnblocked(vpn, user.start + PKG_UIDS[1], user.start + PKG_UIDS[2]);
// Change whitelisted app to PKGS[3].
assertTrue(vpn.setAlwaysOnPackage(PKGS[1], true, Collections.singletonList(PKGS[3])));
verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] {
new UidRange(user.start + PKG_UIDS[2] + 1, user.stop)
}));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start + PKG_UIDS[1] + 1, user.start + PKG_UIDS[3] - 1),
new UidRange(user.start + PKG_UIDS[3] + 1, user.stop)
}));
assertBlocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[2]);
assertUnblocked(vpn, user.start + PKG_UIDS[1], user.start + PKG_UIDS[3]);
// Change the VPN app.
assertTrue(vpn.setAlwaysOnPackage(PKGS[0], true, Collections.singletonList(PKGS[3])));
verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] {
new UidRange(user.start, user.start + PKG_UIDS[1] - 1),
new UidRange(user.start + PKG_UIDS[1] + 1, user.start + PKG_UIDS[3] - 1)
}));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start, user.start + PKG_UIDS[0] - 1),
new UidRange(user.start + PKG_UIDS[0] + 1, user.start + PKG_UIDS[3] - 1)
}));
assertBlocked(vpn, user.start + PKG_UIDS[1], user.start + PKG_UIDS[2]);
assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[3]);
// Remove the whitelist.
assertTrue(vpn.setAlwaysOnPackage(PKGS[0], true, null));
verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] {
new UidRange(user.start + PKG_UIDS[0] + 1, user.start + PKG_UIDS[3] - 1),
new UidRange(user.start + PKG_UIDS[3] + 1, user.stop)
}));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start + PKG_UIDS[0] + 1, user.stop),
}));
assertBlocked(vpn, user.start + PKG_UIDS[1], user.start + PKG_UIDS[2],
user.start + PKG_UIDS[3]);
assertUnblocked(vpn, user.start + PKG_UIDS[0]);
// Add the whitelist.
assertTrue(vpn.setAlwaysOnPackage(PKGS[0], true, Collections.singletonList(PKGS[1])));
verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[] {
new UidRange(user.start + PKG_UIDS[0] + 1, user.stop)
}));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start + PKG_UIDS[0] + 1, user.start + PKG_UIDS[1] - 1),
new UidRange(user.start + PKG_UIDS[1] + 1, user.stop)
}));
assertBlocked(vpn, user.start + PKG_UIDS[2], user.start + PKG_UIDS[3]);
assertUnblocked(vpn, user.start + PKG_UIDS[0], user.start + PKG_UIDS[1]);
// Try whitelisting a package with a comma, should be rejected.
assertFalse(vpn.setAlwaysOnPackage(PKGS[0], true, Collections.singletonList("a.b,c.d")));
// Pass a non-existent packages in the whitelist, they (and only they) should be ignored.
// Whitelisted package should change from PGKS[1] to PKGS[2].
assertTrue(vpn.setAlwaysOnPackage(PKGS[0], true,
Arrays.asList("com.foo.app", PKGS[2], "com.bar.app")));
verify(mNetService).setAllowOnlyVpnForUids(eq(false), aryEq(new UidRange[]{
new UidRange(user.start + PKG_UIDS[0] + 1, user.start + PKG_UIDS[1] - 1),
new UidRange(user.start + PKG_UIDS[1] + 1, user.stop)
}));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[]{
new UidRange(user.start + PKG_UIDS[0] + 1, user.start + PKG_UIDS[2] - 1),
new UidRange(user.start + PKG_UIDS[2] + 1, user.stop)
}));
}
@Test @Test
public void testLockdownAddingAProfile() throws Exception { public void testLockdownAddingAProfile() throws Exception {
final Vpn vpn = createVpn(primaryUser.id); final Vpn vpn = createVpn(primaryUser.id);
@@ -391,7 +310,7 @@ public class VpnTest {
final UidRange profile = UidRange.createForUser(tempProfile.id); final UidRange profile = UidRange.createForUser(tempProfile.id);
// Set lockdown. // Set lockdown.
assertTrue(vpn.setAlwaysOnPackage(PKGS[3], true, null)); assertTrue(vpn.setAlwaysOnPackage(PKGS[3], true));
verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] { verify(mNetService).setAllowOnlyVpnForUids(eq(true), aryEq(new UidRange[] {
new UidRange(user.start, user.start + PKG_UIDS[3] - 1), new UidRange(user.start, user.start + PKG_UIDS[3] - 1),
new UidRange(user.start + PKG_UIDS[3] + 1, user.stop) new UidRange(user.start + PKG_UIDS[3] + 1, user.stop)
@@ -517,7 +436,7 @@ public class VpnTest {
.cancelAsUser(anyString(), anyInt(), eq(userHandle)); .cancelAsUser(anyString(), anyInt(), eq(userHandle));
// Start showing a notification for disconnected once always-on. // Start showing a notification for disconnected once always-on.
vpn.setAlwaysOnPackage(PKGS[0], false, null); vpn.setAlwaysOnPackage(PKGS[0], false);
order.verify(mNotificationManager) order.verify(mNotificationManager)
.notifyAsUser(anyString(), anyInt(), any(), eq(userHandle)); .notifyAsUser(anyString(), anyInt(), any(), eq(userHandle));
@@ -531,7 +450,7 @@ public class VpnTest {
.notifyAsUser(anyString(), anyInt(), any(), eq(userHandle)); .notifyAsUser(anyString(), anyInt(), any(), eq(userHandle));
// Notification should be cleared after unsetting always-on package. // Notification should be cleared after unsetting always-on package.
vpn.setAlwaysOnPackage(null, false, null); vpn.setAlwaysOnPackage(null, false);
order.verify(mNotificationManager).cancelAsUser(anyString(), anyInt(), eq(userHandle)); order.verify(mNotificationManager).cancelAsUser(anyString(), anyInt(), eq(userHandle));
} }
@@ -664,9 +583,7 @@ public class VpnTest {
doAnswer(invocation -> { doAnswer(invocation -> {
final String appName = (String) invocation.getArguments()[0]; final String appName = (String) invocation.getArguments()[0];
final int userId = (int) invocation.getArguments()[1]; final int userId = (int) invocation.getArguments()[1];
Integer appId = packages.get(appName); return UserHandle.getUid(userId, packages.get(appName));
if (appId == null) throw new PackageManager.NameNotFoundException(appName);
return UserHandle.getUid(userId, appId);
}).when(mPackageManager).getPackageUidAsUser(anyString(), anyInt()); }).when(mPackageManager).getPackageUidAsUser(anyString(), anyInt());
} catch (Exception e) { } catch (Exception e) {
} }