From 8378aec5fb5e05e0ea046cee59996a36aed246d5 Mon Sep 17 00:00:00 2001
From: James Mattis <jmattis@google.com>
Date: Tue, 26 Jan 2021 14:05:36 -0800
Subject: [PATCH] Adding permission for OEM managed preferences

Adding CONTROL_OEM_PAID_NETWORK_PREFERENCE as a signature level
permission to allow an application to control OEM managed network
preferences.

Bug: 176496438
Bug: 176494815
Test: atest FrameworksNetTests
atest NetworkStackTests
atest FrameworksNetIntegrationTests
atest NetworkStackIntegrationTests
atest CtsNetTestCasesLatestSdk
Change-Id: Iee13e89f3931c7079c2d88cb57b249b1b1cf93ad

Change-Id: Id29cafe1eaf5dff8a0605cb2579204d9c77b7e70
---
 framework/src/android/net/ConnectivityManager.java       | 1 +
 .../java/com/android/server/ConnectivityService.java     | 9 ++++++++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
index c820a7e80f..811b053332 100644
--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
@@ -5116,6 +5116,7 @@ public class ConnectivityManager {
      * @throws SecurityException if missing the appropriate permissions.
      * @throws UnsupportedOperationException if called on a non-automotive device.
      */
+    @RequiresPermission(android.Manifest.permission.CONTROL_OEM_PAID_NETWORK_PREFERENCE)
     private void setOemNetworkPreference(@NonNull final OemNetworkPreferences preference,
             @Nullable @CallbackExecutor final Executor executor,
             @Nullable final OnSetOemNetworkPreferenceListener listener) {
diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index 44ae458c78..c0d3e102af 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -2312,6 +2312,12 @@ public class ConnectivityService extends IConnectivityManager.Stub
                 NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK);
     }
 
+    private void enforceOemNetworkPreferencesPermission() {
+        mContext.enforceCallingOrSelfPermission(
+                android.Manifest.permission.CONTROL_OEM_PAID_NETWORK_PREFERENCE,
+                "ConnectivityService");
+    }
+
     private boolean checkNetworkStackPermission() {
         return checkAnyPermissionOf(
                 android.Manifest.permission.NETWORK_STACK,
@@ -9334,8 +9340,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
     public void setOemNetworkPreference(
             @NonNull final OemNetworkPreferences preference,
             @Nullable final IOnSetOemNetworkPreferenceListener listener) {
+
+        enforceOemNetworkPreferencesPermission();
         enforceAutomotiveDevice();
-        // TODO http://b/176496438 add permission check once permissions are added.
 
         Objects.requireNonNull(preference, "OemNetworkPreferences must be non-null");
         validateOemNetworkPreferences(preference);