LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Fix the internet permission for native services" am: dcc6ebb96f am: 5d4822bcd2

Browse Source 
am: d053460495

Change-Id: I7f22aafe3b35f24e68fff85723aaceb4a0444af5
This commit is contained in:
Chenbo Feng
2019-05-23 17:22:39 -07:00
committed by android-build-merger
parent 1dc7494bbb d053460495
commit 8b9a2f571b
1 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
services/core/java/com/android/server/connectivity/PermissionMonitor.java
View File

@@ -199,15 +199,13 @@ public class PermissionMonitor {
ArraySet<String> perms = systemPermission.valueAt(i); ArraySet<String> perms = systemPermission.valueAt(i);
int uid = systemPermission.keyAt(i); int uid = systemPermission.keyAt(i);
int netdPermission = 0; int netdPermission = 0;
// Get the uids of native services that have UPDATE_DEVICE_STATS permission. // Get the uids of native services that have UPDATE_DEVICE_STATS or INTERNET permission.
if (perms != null) { if (perms != null) {
netdPermission |= perms.contains(UPDATE_DEVICE_STATS) netdPermission |= perms.contains(UPDATE_DEVICE_STATS)
? INetd.PERMISSION_UPDATE_DEVICE_STATS : 0; ? INetd.PERMISSION_UPDATE_DEVICE_STATS : 0;
netdPermission |= perms.contains(INTERNET)
? INetd.PERMISSION_INTERNET : 0;
} }
// For internet permission, the native services have their own selinux domains and
// sepolicy will control the socket creation during run time. netd cannot block the
// socket creation based on the permission information here.
netdPermission |= INetd.PERMISSION_INTERNET;
netdPermsUids.put(uid, netdPermsUids.get(uid) | netdPermission); netdPermsUids.put(uid, netdPermsUids.get(uid) | netdPermission);
} }
log("Users: " + mUsers.size() + ", Apps: " + mApps.size()); log("Users: " + mUsers.size() + ", Apps: " + mApps.size());