LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge changes Ide9daebc,Id47ada57

Browse Source 
* changes:
  Ensure all VPN runners clean up state when exiting
  Enforce restricted user, getConnectionOwnerUid checks
This commit is contained in:
Benedict Wong
2020-02-17 21:30:35 +00:00
committed by Gerrit Code Review
parent e777d054f4 0bd4bba07a
commit d07db8a8da
4 changed files with 186 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -7528,6 +7528,13 @@ public class ConnectivityService extends IConnectivityManager.Stub
*/
public int getConnectionOwnerUid(ConnectionInfo connectionInfo) {
final Vpn vpn = enforceActiveVpnOrNetworkStackPermission();
// Only VpnService based VPNs should be able to get this information.
if (vpn != null && vpn.getActiveAppVpnType() != VpnManager.TYPE_VPN_SERVICE) {
throw new SecurityException(
"getConnectionOwnerUid() not allowed for non-VpnService VPNs");
}
if (connectionInfo.protocol != IPPROTO_TCP && connectionInfo.protocol != IPPROTO_UDP) {
throw new IllegalArgumentException("Unsupported protocol " + connectionInfo.protocol);
}