Merge "Add API for apps to check if they are the network owner"

Qingxi Li
2020-01-24 18:12:52 +00:00
committed by Gerrit Code Review
4 changed files with 62 additions and 36 deletions


@@ -1626,7 +1626,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
return getNetworkCapabilitiesInternal(getNetworkAgentInfoForNetwork(network));
}
private NetworkCapabilities networkCapabilitiesRestrictedForCallerPermissions(
@VisibleForTesting
NetworkCapabilities networkCapabilitiesRestrictedForCallerPermissions(
NetworkCapabilities nc, int callerPid, int callerUid) {
final NetworkCapabilities newNc = new NetworkCapabilities(nc);
if (!checkSettingsPermission(callerPid, callerUid)) {
@@ -1637,9 +1638,23 @@ public class ConnectivityService extends IConnectivityManager.Stub
newNc.setNetworkSpecifier(newNc.getNetworkSpecifier().redact());
}
newNc.setAdministratorUids(Collections.EMPTY_LIST);
maybeSanitizeLocationInfoForCaller(newNc, callerUid);
return newNc;
}
private void maybeSanitizeLocationInfoForCaller(
NetworkCapabilities nc, int callerUid) {
// TODO(b/142072839): Conditionally reset the owner UID if the following
// conditions are not met:
// 1. The destination app is the network owner
// 2. The destination app has the ACCESS_COARSE_LOCATION permission granted
// if target SDK<29 or otherwise has the ACCESS_FINE_LOCATION permission granted
// 3. The user's location toggle is on
nc.setOwnerUid(INVALID_UID);
}
private LinkProperties linkPropertiesRestrictedForCallerPermissions(
LinkProperties lp, int callerPid, int callerUid) {
if (lp == null) return new LinkProperties();
@@ -1668,6 +1683,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
nc.setSingleUid(Binder.getCallingUid());
}
nc.setAdministratorUids(Collections.EMPTY_LIST);
// Clear owner UID; this can never come from an app.
nc.setOwnerUid(INVALID_UID);
}
private void restrictBackgroundRequestForCaller(NetworkCapabilities nc) {
@@ -5795,7 +5813,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
}
final Set<UidRange> ranges = nai.networkCapabilities.getUids();
final int vpnAppUid = nai.networkCapabilities.getEstablishingVpnAppUid();
final int vpnAppUid = nai.networkCapabilities.getOwnerUid();
// TODO: this create a window of opportunity for apps to receive traffic between the time
// when the old rules are removed and the time when new rules are added. To fix this,
// make eBPF support two whitelisted interfaces so here new rules can be added before the
@@ -5994,7 +6012,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
if (nc == null || lp == null) return false;
return nai.isVPN()
&& !nai.networkAgentConfig.allowBypass
&& nc.getEstablishingVpnAppUid() != Process.SYSTEM_UID
&& nc.getOwnerUid() != Process.SYSTEM_UID
&& lp.getInterfaceName() != null
&& (lp.hasIPv4DefaultRoute() || lp.hasIPv6DefaultRoute());
}
@@ -6042,12 +6060,10 @@ public class ConnectivityService extends IConnectivityManager.Stub
// TODO Fix this window by computing an accurate diff on Set<UidRange>, so the old range
// to be removed will never overlap with the new range to be added.
if (wasFiltering && !prevRanges.isEmpty()) {
mPermissionMonitor.onVpnUidRangesRemoved(iface, prevRanges,
prevNc.getEstablishingVpnAppUid());
mPermissionMonitor.onVpnUidRangesRemoved(iface, prevRanges, prevNc.getOwnerUid());
}
if (shouldFilter && !newRanges.isEmpty()) {
mPermissionMonitor.onVpnUidRangesAdded(iface, newRanges,
newNc.getEstablishingVpnAppUid());
mPermissionMonitor.onVpnUidRangesAdded(iface, newRanges, newNc.getOwnerUid());
}
} catch (Exception e) {
// Never crash!
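Review bot: `maybeSanitizeLocationInfoForCaller` (second hunk) accepts `callerUid` but never reads it and resets the owner UID for every caller, so the name and the parameter promise a check the code does not yet make. Clearing unconditionally is the safe default while the TODO is open, but that should be stated on the method so a later edit does not relax it by accident, for example `// Fails closed: the owner UID is always cleared until the owner / location-permission / location-toggle checks in b/142072839 are implemented.` Because `networkCapabilitiesRestrictedForCallerPermissions` is now `@VisibleForTesting`, a test asserting `getOwnerUid() == INVALID_UID` on the returned copy would pin this behaviour; whether one exists in the other changed files is not visible here. The enclosing method bodies start and end outside the hunks shown.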