Enforce NETWORK_STACK permission for calling NSS#forceUpdateIfaces

ConnectivityManager and its usages are removed from
NetworkStatsService. After that, forceUpdateIfaces requires
information that only ConnectivityService has, hence
restricting the calling permission to NETWORK_STACK or
MAINLINE_NETWORK_STACK permission. The required permission
will be changed from READ_NETWORK_USAGE_HISTORY to
NETWORK_STACK or MAINLINE_NETWORK_STACK. This change would make
it impossible to call outside the system.

Bug: 126830974
Test: atest FrameworksNetTests
Merged-In: I1b26dc64eaab2151e6885fd01cc5e8d4e18c4e60
Change-Id: I4ea421e4126a45f65d25fe0bec74243a3b20aeab
(cherry picked from commit 6b895dea25b4fca87d275bb78367411623ded1d4)

services/core/java/com/android/server/net/NetworkStatsService.java

@@ -25,6 +25,7 @@ import static android.content.Intent.ACTION_USER_REMOVED;
 import static android.content.Intent.EXTRA_UID;
 import static android.net.ConnectivityManager.ACTION_TETHER_STATE_CHANGED;
 import static android.net.ConnectivityManager.isNetworkTypeMobile;
+import static android.net.NetworkStack.checkNetworkStackPermission;
 import static android.net.NetworkStats.DEFAULT_NETWORK_ALL;
 import static android.net.NetworkStats.IFACE_ALL;
 import static android.net.NetworkStats.INTERFACES_ALL;
@@ -866,7 +867,7 @@ public class NetworkStatsService extends INetworkStatsService.Stub {
             VpnInfo[] vpnArray,
             NetworkState[] networkStates,
             String activeIface) {
-        mContext.enforceCallingOrSelfPermission(READ_NETWORK_USAGE_HISTORY, TAG);
+        checkNetworkStackPermission(mContext);
         assertBandwidthControlEnabled();
 
         final long token = Binder.clearCallingIdentity();