Guard the SSID with NETWORK_SETTINGS

Clean cherry-pick of ag/3904260

Bug: 77865258
Test: manual
Change-Id: I2a2e236041797df495759dd4e07648545cad6c7c
Merged-In: Iba59e93875c28b8e30db0c013575bc2f117cb16c
Merged-In: I6cf364f0815a2eaab60f5de5e1d5ccc4908e9eca

services/core/java/com/android/server/ConnectivityService.java

@@ -1373,7 +1373,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
             NetworkCapabilities nc, int callerPid, int callerUid) {
         final NetworkCapabilities newNc = new NetworkCapabilities(nc);
         if (!checkSettingsPermission(callerPid, callerUid)) newNc.setUids(null);
-        if (!checkNetworkStackPermission(callerPid, callerUid)) newNc.setSSID(null);
+        if (!checkSettingsPermission(callerPid, callerUid)) newNc.setSSID(null);
         return newNc;
     }
 
@@ -1633,11 +1633,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
                 android.Manifest.permission.NETWORK_SETTINGS, pid, uid);
     }
 
-    private boolean checkNetworkStackPermission(int pid, int uid) {
-        return PERMISSION_GRANTED == mContext.checkPermission(
-                android.Manifest.permission.NETWORK_STACK, pid, uid);
-    }
-
     private void enforceTetherAccessPermission() {
         mContext.enforceCallingOrSelfPermission(
                 android.Manifest.permission.ACCESS_NETWORK_STATE,
@@ -4197,7 +4192,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
     // calling app has permission to do so.
     private void ensureSufficientPermissionsForRequest(NetworkCapabilities nc,
             int callerPid, int callerUid) {
-        if (null != nc.getSSID() && !checkNetworkStackPermission(callerPid, callerUid)) {
+        if (null != nc.getSSID() && !checkSettingsPermission(callerPid, callerUid)) {
             throw new SecurityException("Insufficient permissions to request a specific SSID");
         }
     }