From 3c5dee0a26d252e44005dd15473b8926d409fffe Mon Sep 17 00:00:00 2001 From: Robert Greenwalt Date: Tue, 16 Sep 2014 17:54:19 -0700 Subject: [PATCH] Use unified Tethering Permission Check The BT and Wifi mechanisms for enabling Tethering did their own permission checks. This set of changes unifies the check into a ConnectivityManager function so they can be kept in sync. bug:17435527 Change-Id: I8c157a5acf56ffbddd349cb6a45160ae7be8541b --- core/java/android/net/ConnectivityManager.java | 14 ++++++++++++++ .../com/android/server/ConnectivityService.java | 14 +++----------- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java index 7c69a7da14..e3cbef5a11 100644 --- a/core/java/android/net/ConnectivityManager.java +++ b/core/java/android/net/ConnectivityManager.java @@ -1402,6 +1402,20 @@ public class ConnectivityManager { return (ConnectivityManager) context.getSystemService(Context.CONNECTIVITY_SERVICE); } + /** {@hide */ + public static final void enforceTetherChangePermission(Context context) { + if (context.getResources().getStringArray( + com.android.internal.R.array.config_mobile_hotspot_provision_app).length == 2) { + // Have a provisioning app - must only let system apps (which check this app) + // turn on tethering + context.enforceCallingOrSelfPermission( + android.Manifest.permission.CONNECTIVITY_INTERNAL, "ConnectivityService"); + } else { + context.enforceCallingOrSelfPermission( + android.Manifest.permission.CHANGE_NETWORK_STATE, "ConnectivityService"); + } + } + /** * Get the set of tetherable, available interfaces. This list is limited by * device configuration and current interface existence. diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 55d8c09da0..971e21285e 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -1357,13 +1357,6 @@ public class ConnectivityService extends IConnectivityManager.Stub { "ConnectivityService"); } - // TODO Make this a special check when it goes public - private void enforceTetherChangePermission() { - mContext.enforceCallingOrSelfPermission( - android.Manifest.permission.CHANGE_NETWORK_STATE, - "ConnectivityService"); - } - private void enforceTetherAccessPermission() { mContext.enforceCallingOrSelfPermission( android.Manifest.permission.ACCESS_NETWORK_STATE, @@ -2375,8 +2368,7 @@ public class ConnectivityService extends IConnectivityManager.Stub { // javadoc from interface public int tether(String iface) { - enforceTetherChangePermission(); - + ConnectivityManager.enforceTetherChangePermission(mContext); if (isTetheringSupported()) { return mTethering.tether(iface); } else { @@ -2386,7 +2378,7 @@ public class ConnectivityService extends IConnectivityManager.Stub { // javadoc from interface public int untether(String iface) { - enforceTetherChangePermission(); + ConnectivityManager.enforceTetherChangePermission(mContext); if (isTetheringSupported()) { return mTethering.untether(iface); @@ -2435,7 +2427,7 @@ public class ConnectivityService extends IConnectivityManager.Stub { } public int setUsbTethering(boolean enable) { - enforceTetherChangePermission(); + ConnectivityManager.enforceTetherChangePermission(mContext); if (isTetheringSupported()) { return mTethering.setUsbTethering(enable); } else {