LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "[RFPM04] Adjust hasRestrictedNetworkPermission method" am: 2933a04749 am: 6f9bce51aa

Browse Source 
Original change: https://android-review.googlesource.com/c/platform/frameworks/base/+/1321322

Change-Id: Id91c6de75e524080d15e2508007d5de997c7fd92
This commit is contained in:
Paul Hu
2020-08-03 11:18:31 +00:00
committed by Automerger Merge Worker
parent a4903ada1e 6f9bce51aa
commit 80804587f2
2 changed files with 75 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
services/core/java/com/android/server/connectivity/PermissionMonitor.java
View File

@@ -171,8 +171,8 @@ public class PermissionMonitor implements PackageManagerInternal.PackageListObse
mAllApps.add(UserHandle.getAppId(uid));
final boolean isNetwork = hasPermission(CHANGE_NETWORK_STATE, uid);
final boolean hasRestrictedPermission =
hasRestrictedNetworkPermission(app.applicationInfo);
final boolean hasRestrictedPermission = hasRestrictedNetworkPermission(uid)
|| isCarryoverPackage(app.applicationInfo);
if (isNetwork || hasRestrictedPermission) {
Boolean permission = mApps.get(uid);
@@ -200,7 +200,7 @@ public class PermissionMonitor implements PackageManagerInternal.PackageListObse
for (int i = 0; i < systemPermission.size(); i++) {
ArraySet<String> perms = systemPermission.valueAt(i);
int uid = systemPermission.keyAt(i);
int netdPermission = 0;
int netdPermission = PERMISSION_NONE;
// Get the uids of native services that have UPDATE_DEVICE_STATS or INTERNET permission.
if (perms != null) {
netdPermission |= perms.contains(UPDATE_DEVICE_STATS)
@@ -225,20 +225,21 @@ public class PermissionMonitor implements PackageManagerInternal.PackageListObse
}
@VisibleForTesting
boolean hasRestrictedNetworkPermission(@Nullable final ApplicationInfo appInfo) {
if (appInfo == null) return false;
// TODO : remove this check in the future(b/162295056). All apps should just
// request the appropriate permission for their use case since android Q.
if ((appInfo.targetSdkVersion < VERSION_Q && isVendorApp(appInfo))
// TODO : remove this check in the future(b/162295056). All apps should just request the
// appropriate permission for their use case since android Q.
boolean isCarryoverPackage(@Nullable final ApplicationInfo appInfo) {
if (appInfo == null) return false;
return (appInfo.targetSdkVersion < VERSION_Q && isVendorApp(appInfo))
// Backward compatibility for b/114245686, on devices that launched before Q daemons
// and apps running as the system UID are exempted from this check.
|| (appInfo.uid == SYSTEM_UID && mDeps.getDeviceFirstSdkInt() < VERSION_Q)) {
return true;
}
|| (appInfo.uid == SYSTEM_UID && mDeps.getDeviceFirstSdkInt() < VERSION_Q);
}
return hasPermission(PERMISSION_MAINLINE_NETWORK_STACK, appInfo.uid)
|| hasPermission(NETWORK_STACK, appInfo.uid)
|| hasPermission(CONNECTIVITY_USE_RESTRICTED_NETWORKS, appInfo.uid);
@VisibleForTesting
boolean hasRestrictedNetworkPermission(final int uid) {
return hasPermission(CONNECTIVITY_USE_RESTRICTED_NETWORKS, uid)
|| hasPermission(PERMISSION_MAINLINE_NETWORK_STACK, uid)
|| hasPermission(NETWORK_STACK, uid);
}
/** Returns whether the given uid has using background network permission. */
@@ -328,8 +329,8 @@ public class PermissionMonitor implements PackageManagerInternal.PackageListObse
try {
final PackageInfo app = mPackageManager.getPackageInfo(name, GET_PERMISSIONS);
final boolean isNetwork = hasPermission(CHANGE_NETWORK_STATE, uid);
final boolean hasRestrictedPermission =
hasRestrictedNetworkPermission(app.applicationInfo);
final boolean hasRestrictedPermission = hasRestrictedNetworkPermission(uid)
|| isCarryoverPackage(app.applicationInfo);
if (isNetwork || hasRestrictedPermission) {
currentPermission = hasRestrictedPermission;
}