LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Change permissions checks for setAirplaneMode.

Browse Source 
Require NETWORK_SETTINGS (or NETWORK_SETUP_WIZARD) instead of the
legacy CONNECTIVITY_INTERNAL permission. The users are as follows:

- The system callers (Phone, Settings, SystemUI, VrSettings) all
  have NETWORK_SETTINGS.
- SetupWizard has NETWORK_SETUP_WIZARD
- sl4a has NETWORK_STACK

Bug: 115302596
Test: builds, boots, airplane mode via SystemUI works
Change-Id: I8ca40182bd8b5e3fd9a82296c0cc28de30ed4baf
This commit is contained in:
Lorenzo Colitti
2018-10-09 18:55:11 +09:00
parent 0bfef02a24
commit c7da00d199
2 changed files with 22 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
core/java/android/net/ConnectivityManager.java
View File

@@ -2727,7 +2727,10 @@ public class ConnectivityManager {
* *
* @hide * @hide
*/ */
@RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) @RequiresPermission(anyOf = {
android.Manifest.permission.NETWORK_SETTINGS,
android.Manifest.permission.NETWORK_SETUP_WIZARD,
android.Manifest.permission.NETWORK_STACK})
@SystemApi @SystemApi
public void setAirplaneMode(boolean enable) { public void setAirplaneMode(boolean enable) {
try { try {

19
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -1679,6 +1679,16 @@ public class ConnectivityService extends IConnectivityManager.Stub
"ConnectivityService"); "ConnectivityService");
} }
private void enforceAnyPermissionOf(String... permissions) {
for (String permission : permissions) {
if (mContext.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED) {
return;
}
}
throw new SecurityException(
"Requires one of the following permissions: " + String.join(", ", permissions) + ".");
}
private void enforceInternetPermission() { private void enforceInternetPermission() {
mContext.enforceCallingOrSelfPermission( mContext.enforceCallingOrSelfPermission(
android.Manifest.permission.INTERNET, android.Manifest.permission.INTERNET,
@@ -1723,6 +1733,13 @@ public class ConnectivityService extends IConnectivityManager.Stub
"ConnectivityService"); "ConnectivityService");
} }
private void enforceNetworkStackSettingsOrSetup() {
enforceAnyPermissionOf(
android.Manifest.permission.NETWORK_SETTINGS,
android.Manifest.permission.NETWORK_SETUP_WIZARD,
android.Manifest.permission.NETWORK_STACK);
}
private boolean checkNetworkStackPermission() { private boolean checkNetworkStackPermission() {
return PERMISSION_GRANTED == mContext.checkCallingOrSelfPermission( return PERMISSION_GRANTED == mContext.checkCallingOrSelfPermission(
android.Manifest.permission.NETWORK_STACK); android.Manifest.permission.NETWORK_STACK);
@@ -4008,7 +4025,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
@Override @Override
public void setAirplaneMode(boolean enable) { public void setAirplaneMode(boolean enable) {
enforceConnectivityInternalPermission(); enforceNetworkStackSettingsOrSetup();
final long ident = Binder.clearCallingIdentity(); final long ident = Binder.clearCallingIdentity();
try { try {
final ContentResolver cr = mContext.getContentResolver(); final ContentResolver cr = mContext.getContentResolver();