Merge changes I5eaeb415,I236f1550
* changes:
  Check carrier privilege for CBS network requests synchronously
  Allow 3p apps to request restricted networks
@@ -610,13 +610,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
// Handle private DNS validation status updates.
|
||||
private static final int EVENT_PRIVATE_DNS_VALIDATION_UPDATE = 38;
|
||||
|
||||
/**
|
||||
* used to remove a network request, either a listener or a real request and call unavailable
|
||||
* arg1 = UID of caller
|
||||
* obj = NetworkRequest
|
||||
*/
|
||||
private static final int EVENT_RELEASE_NETWORK_REQUEST_AND_CALL_UNAVAILABLE = 39;
|
||||
|
||||
/**
|
||||
* Event for NetworkMonitor/NetworkAgentInfo to inform ConnectivityService that the network has
|
||||
* been tested.
|
||||
@@ -2628,7 +2621,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
verifyCallingUidAndPackage(callingPackageName, mDeps.getCallingUid());
|
||||
enforceChangePermission(callingPackageName, callingAttributionTag);
|
||||
if (mProtectedNetworks.contains(networkType)) {
|
||||
enforceConnectivityRestrictedNetworksPermission();
|
||||
enforceConnectivityRestrictedNetworksPermission(true /* checkUidsAllowedList */);
|
||||
}
|
||||
|
||||
InetAddress addr;
|
||||
@@ -2982,18 +2975,35 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
android.Manifest.permission.NETWORK_SETTINGS);
|
||||
}
|
||||
|
||||
private void enforceConnectivityRestrictedNetworksPermission() {
|
||||
try {
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS,
|
||||
"ConnectivityService");
|
||||
return;
|
||||
} catch (SecurityException e) { /* fallback to ConnectivityInternalPermission */ }
|
||||
// TODO: Remove this fallback check after all apps have declared
|
||||
// CONNECTIVITY_USE_RESTRICTED_NETWORKS.
|
||||
mContext.enforceCallingOrSelfPermission(
|
||||
android.Manifest.permission.CONNECTIVITY_INTERNAL,
|
||||
"ConnectivityService");
|
||||
private boolean checkConnectivityRestrictedNetworksPermission(int callingUid,
|
||||
boolean checkUidsAllowedList) {
|
||||
if (PermissionUtils.checkAnyPermissionOf(mContext,
|
||||
android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// fallback to ConnectivityInternalPermission
|
||||
// TODO: Remove this fallback check after all apps have declared
|
||||
// CONNECTIVITY_USE_RESTRICTED_NETWORKS.
|
||||
if (PermissionUtils.checkAnyPermissionOf(mContext,
|
||||
android.Manifest.permission.CONNECTIVITY_INTERNAL)) {
|
||||
return true;
|
||||
}
|
||||
|
||||
// Check whether uid is in allowed on restricted networks list.
|
||||
if (checkUidsAllowedList
|
||||
&& mPermissionMonitor.isUidAllowedOnRestrictedNetworks(callingUid)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
private void enforceConnectivityRestrictedNetworksPermission(boolean checkUidsAllowedList) {
|
||||
final int callingUid = mDeps.getCallingUid();
|
||||
if (!checkConnectivityRestrictedNetworksPermission(callingUid, checkUidsAllowedList)) {
|
||||
throw new SecurityException("ConnectivityService: user " + callingUid
|
||||
+ " has no permission to access restricted network.");
|
||||
}
|
||||
}
|
||||
|
||||
private void enforceKeepalivePermission() {
|
||||
@@ -4495,7 +4505,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
|
||||
private boolean hasCarrierPrivilegeForNetworkCaps(final int callingUid,
|
||||
@NonNull final NetworkCapabilities caps) {
|
||||
if (SdkLevel.isAtLeastT() && mCarrierPrivilegeAuthenticator != null) {
|
||||
if (mCarrierPrivilegeAuthenticator != null) {
|
||||
return mCarrierPrivilegeAuthenticator.hasCarrierPrivilegeForNetworkCapabilities(
|
||||
callingUid, caps);
|
||||
}
|
||||
@@ -4525,7 +4535,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
|
||||
private void handleRegisterNetworkRequests(@NonNull final Set<NetworkRequestInfo> nris) {
|
||||
ensureRunningOnConnectivityServiceThread();
|
||||
NetworkRequest requestToBeReleased = null;
|
||||
for (final NetworkRequestInfo nri : nris) {
|
||||
mNetworkRequestInfoLogs.log("REGISTER " + nri);
|
||||
checkNrisConsistency(nri);
|
||||
@@ -4540,13 +4549,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
}
|
||||
}
|
||||
}
|
||||
if (req.hasCapability(NetworkCapabilities.NET_CAPABILITY_CBS)) {
|
||||
if (!hasCarrierPrivilegeForNetworkCaps(nri.mUid, req.networkCapabilities)
|
||||
&& !checkConnectivityRestrictedNetworksPermission(
|
||||
nri.mPid, nri.mUid)) {
|
||||
requestToBeReleased = req;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// If this NRI has a satisfier already, it is replacing an older request that
|
||||
@@ -4558,11 +4560,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
}
|
||||
}
|
||||
|
||||
if (requestToBeReleased != null) {
|
||||
releaseNetworkRequestAndCallOnUnavailable(requestToBeReleased);
|
||||
return;
|
||||
}
|
||||
|
||||
if (mFlags.noRematchAllRequestsOnRegister()) {
|
||||
rematchNetworksAndRequests(nris);
|
||||
} else {
|
||||
@@ -5402,11 +5399,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
/* callOnUnavailable */ false);
|
||||
break;
|
||||
}
|
||||
case EVENT_RELEASE_NETWORK_REQUEST_AND_CALL_UNAVAILABLE: {
|
||||
handleReleaseNetworkRequest((NetworkRequest) msg.obj, msg.arg1,
|
||||
/* callOnUnavailable */ true);
|
||||
break;
|
||||
}
|
||||
case EVENT_SET_ACCEPT_UNVALIDATED: {
|
||||
Network network = (Network) msg.obj;
|
||||
handleSetAcceptUnvalidated(network, toBool(msg.arg1), toBool(msg.arg2));
|
||||
@@ -6625,7 +6617,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
case REQUEST:
|
||||
networkCapabilities = new NetworkCapabilities(networkCapabilities);
|
||||
enforceNetworkRequestPermissions(networkCapabilities, callingPackageName,
|
||||
callingAttributionTag);
|
||||
callingAttributionTag, callingUid);
|
||||
// TODO: this is incorrect. We mark the request as metered or not depending on
|
||||
// the state of the app when the request is filed, but we never change the
|
||||
// request if the app changes network state. http://b/29964605
|
||||
@@ -6715,26 +6707,19 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
}
|
||||
|
||||
private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities,
|
||||
String callingPackageName, String callingAttributionTag) {
|
||||
String callingPackageName, String callingAttributionTag, final int callingUid) {
|
||||
if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) == false) {
|
||||
if (!networkCapabilities.hasCapability(NetworkCapabilities.NET_CAPABILITY_CBS)) {
|
||||
enforceConnectivityRestrictedNetworksPermission();
|
||||
// For T+ devices, callers with carrier privilege could request with CBS capabilities.
|
||||
if (networkCapabilities.hasCapability(NetworkCapabilities.NET_CAPABILITY_CBS)
|
||||
&& hasCarrierPrivilegeForNetworkCaps(callingUid, networkCapabilities)) {
|
||||
return;
|
||||
}
|
||||
enforceConnectivityRestrictedNetworksPermission(true /* checkUidsAllowedList */);
|
||||
} else {
|
||||
enforceChangePermission(callingPackageName, callingAttributionTag);
|
||||
}
|
||||
}
|
||||
|
||||
private boolean checkConnectivityRestrictedNetworksPermission(int callerPid, int callerUid) {
|
||||
if (checkAnyPermissionOf(callerPid, callerUid,
|
||||
android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS)
|
||||
|| checkAnyPermissionOf(callerPid, callerUid,
|
||||
android.Manifest.permission.CONNECTIVITY_INTERNAL)) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean requestBandwidthUpdate(Network network) {
|
||||
enforceAccessPermission();
|
||||
@@ -6793,7 +6778,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
final int callingUid = mDeps.getCallingUid();
|
||||
networkCapabilities = new NetworkCapabilities(networkCapabilities);
|
||||
enforceNetworkRequestPermissions(networkCapabilities, callingPackageName,
|
||||
callingAttributionTag);
|
||||
callingAttributionTag, callingUid);
|
||||
enforceMeteredApnPolicy(networkCapabilities);
|
||||
ensureRequestableCapabilities(networkCapabilities);
|
||||
ensureSufficientPermissionsForRequest(networkCapabilities,
|
||||
@@ -6916,13 +6901,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
EVENT_RELEASE_NETWORK_REQUEST, mDeps.getCallingUid(), 0, networkRequest));
|
||||
}
|
||||
|
||||
private void releaseNetworkRequestAndCallOnUnavailable(NetworkRequest networkRequest) {
|
||||
ensureNetworkRequestHasType(networkRequest);
|
||||
mHandler.sendMessage(mHandler.obtainMessage(
|
||||
EVENT_RELEASE_NETWORK_REQUEST_AND_CALL_UNAVAILABLE, mDeps.getCallingUid(), 0,
|
||||
networkRequest));
|
||||
}
|
||||
|
||||
private void handleRegisterNetworkProvider(NetworkProviderInfo npi) {
|
||||
if (mNetworkProviderInfos.containsKey(npi.messenger)) {
|
||||
// Avoid creating duplicates. even if an app makes a direct AIDL call.
|
||||
@@ -10625,7 +10603,11 @@ public class ConnectivityService extends IConnectivityManager.Stub
|
||||
if (callback == null) throw new IllegalArgumentException("callback must be non-null");
|
||||
|
||||
if (!nai.networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED)) {
|
||||
enforceConnectivityRestrictedNetworksPermission();
|
||||
// TODO: Check allowed list here and ensure that either a) any QoS callback registered
|
||||
// on this network is unregistered when the app loses permission or b) no QoS
|
||||
// callbacks are sent for restricted networks unless the app currently has permission
|
||||
// to access restricted networks.
|
||||
enforceConnectivityRestrictedNetworksPermission(false /* checkUidsAllowedList */);
|
||||
}
|
||||
mQosCallbackTracker.registerCallback(callback, filter, nai);
|
||||
}
|
||||
|
||||
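Review bot: The new `checkConnectivityRestrictedNetworksPermission(int callingUid, boolean checkUidsAllowedList)` judges two different identities: both `PermissionUtils.checkAnyPermissionOf(mContext, ...)` calls take no uid and so presumably evaluate the current Binder caller, while only `mPermissionMonitor.isUidAllowedOnRestrictedNetworks(callingUid)` uses the argument. The one caller visible here passes `mDeps.getCallingUid()`, so the two agree today. The pid/uid overload that this change appears to remove was called from `handleRegisterNetworkRequests` on the ConnectivityService thread, and a later call of the new helper from that thread would test the service's own permissions and return true for any uid. I would either pass the uid into the permission checks as well or state the constraint on the method, e.g. `// Binder thread only: the permission checks use the Binder caller's identity, not callingUid.` The TODO on the QoS path (`false /* checkUidsAllowedList */`) raises revocation for callbacks only; the visible hunks do not show what happens to an already-filed request on the `true` paths once a uid leaves the allowed list, which is worth confirming.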