LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add MANAGE_IPSEC_TUNNELS Permission

Browse Source 
Add a new MANAGE_IPSEC_TUNNELS permission and
protect all IPsec Tunnel mode APIs with it.
This permission is only granted to the system or
through an AppOp.

Bug: 66955045
Test: compilation
Merged-In: I0f618373b500c493ef2211bece681f74652a1833
Change-Id: I0f618373b500c493ef2211bece681f74652a1833
(cherry picked from commit 00e77247eb)
This commit is contained in:
Nathan Harold
2018-03-21 15:32:42 -07:00
parent 67724c654e
commit b9df8b1fca
2 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
core/java/android/net/IpSecManager.java
View File

@@ -691,6 +691,7 @@ public final class IpSecManager {
* @hide
*/
@SystemApi
@RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS)
public void addAddress(@NonNull LinkAddress address) throws IOException {
try {
mService.addAddressToTunnelInterface(mResourceId, address);
@@ -708,6 +709,7 @@ public final class IpSecManager {
* @hide
*/
@SystemApi
@RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS)
public void removeAddress(@NonNull LinkAddress address) throws IOException {
try {
mService.removeAddressFromTunnelInterface(mResourceId, address);
@@ -801,7 +803,7 @@ public final class IpSecManager {
*/
@SystemApi
@NonNull
@RequiresPermission(android.Manifest.permission.NETWORK_STACK)
@RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS)
public IpSecTunnelInterface createIpSecTunnelInterface(@NonNull InetAddress localAddress,
@NonNull InetAddress remoteAddress, @NonNull Network underlyingNetwork)
throws ResourceUnavailableException, IOException {
@@ -826,7 +828,7 @@ public final class IpSecManager {
* @hide
*/
@SystemApi
@RequiresPermission(android.Manifest.permission.NETWORK_STACK)
@RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS)
public void applyTunnelModeTransform(@NonNull IpSecTunnelInterface tunnel,
@PolicyDirection int direction, @NonNull IpSecTransform transform) throws IOException {
try {

6
core/java/android/net/IpSecTransform.java
View File

@@ -282,7 +282,7 @@ public final class IpSecTransform implements AutoCloseable {
*/
@SystemApi
@RequiresPermission(anyOf = {
android.Manifest.permission.NETWORK_STACK,
android.Manifest.permission.MANAGE_IPSEC_TUNNELS,
android.Manifest.permission.PACKET_KEEPALIVE_OFFLOAD
})
public void startNattKeepalive(@NonNull NattKeepaliveCallback userCallback,
@@ -325,7 +325,7 @@ public final class IpSecTransform implements AutoCloseable {
*/
@SystemApi
@RequiresPermission(anyOf = {
android.Manifest.permission.NETWORK_STACK,
android.Manifest.permission.MANAGE_IPSEC_TUNNELS,
android.Manifest.permission.PACKET_KEEPALIVE_OFFLOAD
})
public void stopNattKeepalive() {
@@ -478,7 +478,7 @@ public final class IpSecTransform implements AutoCloseable {
*/
@SystemApi
@NonNull
@RequiresPermission(android.Manifest.permission.NETWORK_STACK)
@RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS)
public IpSecTransform buildTunnelModeTransform(
@NonNull InetAddress sourceAddress,
@NonNull IpSecManager.SecurityParameterIndex spi)