From ce3f9dc328cc2f3e9b800712e8dc152401252848 Mon Sep 17 00:00:00 2001 From: Billy Lau Date: Sat, 1 Aug 2015 12:45:02 +0100 Subject: [PATCH] Bug: 21588539 Move CHANGE_NETWORK_STATE to be in SYSTEM_SETTINGS Merge the CHANGE_NETWORK_STATE permission with WRITE_SETTINGS. AndroidManifest.xml: Raised the protection level of CHANGE_NETWORK_STATE permission from normal to signature|appops and pre23|preinstall for compatibility provider/Settings: Wrote new helper methods to check if app is allowed to change network state. ConnectivityManager.java & ConnectivityService.java: Replace enforcement checks for CHANGE_NETWORK_STATE with checkAndNoteChangeNetworkStateOperations instead. Change-Id: If8c2dd3c76a5324ca43f1d90fa17973216c2bcc5 --- core/java/android/net/ConnectivityManager.java | 5 +++-- .../core/java/com/android/server/ConnectivityService.java | 7 ++++--- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java index abed1f04da..70154d58bd 100644 --- a/core/java/android/net/ConnectivityManager.java +++ b/core/java/android/net/ConnectivityManager.java @@ -1449,8 +1449,9 @@ public class ConnectivityManager { context.enforceCallingOrSelfPermission( android.Manifest.permission.CONNECTIVITY_INTERNAL, "ConnectivityService"); } else { - context.enforceCallingOrSelfPermission( - android.Manifest.permission.CHANGE_NETWORK_STATE, "ConnectivityService"); + int uid = Binder.getCallingUid(); + Settings.checkAndNoteChangeNetworkStateOperation(context, uid, Settings + .getPackageNameForUid(context, uid), true); } } diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 6a22f22e82..e0b708ee17 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -1432,9 +1432,10 @@ public class ConnectivityService extends IConnectivityManager.Stub } private void enforceChangePermission() { - mContext.enforceCallingOrSelfPermission( - android.Manifest.permission.CHANGE_NETWORK_STATE, - "ConnectivityService"); + int uid = Binder.getCallingUid(); + Settings.checkAndNoteChangeNetworkStateOperation(mContext, uid, Settings + .getPackageNameForUid(mContext, uid), true); + } private void enforceTetherAccessPermission() {