LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Require location permission for ConnDiags WiFi only.

Browse Source 
This CL updates ConnectivityDiagnostics permission checks in
ConnectivityService to only require location permission for Networks
that have TRANSPORT_WIFI. This change is consistent with the location
restrictions required for the transports themselves. Previously,
location permissions were required for all Network types.

Bug: 187310575
Test: atest ConnectivityServiceTest ConnectivityDiagnosticsManagerTest
Change-Id: I48806533e4e705d2d9be45f3b3d3931d9294b167
This commit is contained in:
Cody Kesting
2021-05-11 14:22:40 -07:00
parent fc592e8bc0
commit 7474f67454
2 changed files with 50 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
service/src/com/android/server/ConnectivityService.java
View File

@@ -77,6 +77,7 @@ import static android.net.NetworkCapabilities.REDACT_FOR_NETWORK_SETTINGS;
import static android.net.NetworkCapabilities.TRANSPORT_CELLULAR;
import static android.net.NetworkCapabilities.TRANSPORT_TEST;
import static android.net.NetworkCapabilities.TRANSPORT_VPN;
import static android.net.NetworkCapabilities.TRANSPORT_WIFI;
import static android.net.NetworkRequest.Type.LISTEN_FOR_BEST;
import static android.net.shared.NetworkMonitorUtils.isPrivateDnsValidationRequired;
import static android.os.Process.INVALID_UID;
@@ -9175,6 +9176,12 @@ public class ConnectivityService extends IConnectivityManager.Stub
return results;
}
private boolean isLocationPermissionRequiredForConnectivityDiagnostics(
@NonNull NetworkAgentInfo nai) {
// TODO(b/188483916): replace with a transport-agnostic location-aware check
return nai.networkCapabilities.hasTransport(TRANSPORT_WIFI);
}
private boolean hasLocationPermission(String packageName, int uid) {
// LocationPermissionChecker#checkLocationPermission can throw SecurityException if the uid
// and package name don't match. Throwing on the CS thread is not acceptable, so wrap the
@@ -9217,7 +9224,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
return false;
}
return hasLocationPermission(callbackPackageName, callbackUid);
return !isLocationPermissionRequiredForConnectivityDiagnostics(nai)
|| hasLocationPermission(callbackPackageName, callbackUid);
}
@Override