Add @RequiresPermission for setUnderlyingNetworks

setUnderlyingNetworks() is mainly for the NetworkAgents who hold the NETWORK_FACTORY to set its underlying networks. And the underlying networks are only visible and useful for the caller of getNetworkCapabilities() or the receiver of onCapabilitiesChanged() who hold one of NETWORK_FACTORY, NETWORK_SETTINGS and MAINLINE_NETWORK_STACK permissions. Otherwise, the underlying networks field will be cleard before sending. Bug: 205738644 Test: atest CtsNetTestCases:ConnectivityManagerTest atest CtsHostsideNetworkTests:HostsideVpnTests atest FrameworksNetTests Change-Id: Ife7630d9676a31ee5ab977cb1b87aec3b6fd7080
2022-03-22 18:15:09 +08:00
parent f7c071b1c4
commit 69e1aa9117
3 changed files with 35 additions and 6 deletions
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -2235,6 +2235,13 @@ public class ConnectivityService extends IConnectivityManager.Stub
                callingAttributionTag);
    }

+    private void redactUnderlyingNetworksForCapabilities(NetworkCapabilities nc, int pid, int uid) {
+        if (nc.getUnderlyingNetworks() != null
+                && !checkNetworkFactoryOrSettingsPermission(pid, uid)) {
+            nc.setUnderlyingNetworks(null);
+        }
+    }
+
    @VisibleForTesting
    NetworkCapabilities networkCapabilitiesRestrictedForCallerPermissions(
            NetworkCapabilities nc, int callerPid, int callerUid) {
@@ -2247,8 +2254,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
        if (!checkSettingsPermission(callerPid, callerUid)) {
            newNc.setUids(null);
            newNc.setSSID(null);
-            // TODO: Processes holding NETWORK_FACTORY should be able to see the underlying networks
-            newNc.setUnderlyingNetworks(null);
        }
        if (newNc.getNetworkSpecifier() != null) {
            newNc.setNetworkSpecifier(newNc.getNetworkSpecifier().redact());
@@ -2262,6 +2267,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
            newNc.setAllowedUids(new ArraySet<>());
            newNc.setSubscriptionIds(Collections.emptySet());
        }
+        redactUnderlyingNetworksForCapabilities(newNc, callerPid, callerUid);

        return newNc;
    }
@@ -2874,6 +2880,15 @@ public class ConnectivityService extends IConnectivityManager.Stub
                NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
    }

+    private boolean checkNetworkFactoryOrSettingsPermission(int pid, int uid) {
+        return PERMISSION_GRANTED == mContext.checkPermission(
+                android.Manifest.permission.NETWORK_FACTORY, pid, uid)
+                || PERMISSION_GRANTED == mContext.checkPermission(
+                android.Manifest.permission.NETWORK_SETTINGS, pid, uid)
+                || PERMISSION_GRANTED == mContext.checkPermission(
+                NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, pid, uid);
+    }
+
    private boolean checkSettingsPermission() {
        return checkAnyPermissionOf(
                android.Manifest.permission.NETWORK_SETTINGS,