diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java index 194068cd74..d95da91d20 100644 --- a/core/java/android/net/ConnectivityManager.java +++ b/core/java/android/net/ConnectivityManager.java @@ -1006,7 +1006,7 @@ public class ConnectivityManager { * * @hide */ - @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) + @RequiresPermission(android.Manifest.permission.NETWORK_STACK) @Nullable public Network getActiveNetworkForUid(int uid) { return getActiveNetworkForUid(uid, false); @@ -1135,7 +1135,7 @@ public class ConnectivityManager { * * {@hide} */ - @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) + @RequiresPermission(android.Manifest.permission.NETWORK_STACK) @UnsupportedAppUsage public NetworkInfo getActiveNetworkInfoForUid(int uid) { return getActiveNetworkInfoForUid(uid, false); @@ -1370,10 +1370,14 @@ public class ConnectivityManager { * The system network validation may be using different strategies to detect captive portals, * so this method does not necessarily return a URL used by the system. It only returns a URL * that may be relevant for other components trying to detect captive portals. + * * @hide + * @deprecated This API returns URL which is not guaranteed to be one of the URLs used by the + * system. */ + @Deprecated @SystemApi - @RequiresPermission(android.Manifest.permission.LOCAL_MAC_ADDRESS) + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public String getCaptivePortalServerUrl() { try { return mService.getCaptivePortalServerUrl(); @@ -2399,6 +2403,7 @@ public class ConnectivityManager { * @return an array of 0 or more {@code String} of tethered dhcp ranges. * {@hide} */ + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public String[] getTetheredDhcpRanges() { try { return mService.getTetheredDhcpRanges(); @@ -2978,7 +2983,7 @@ public class ConnectivityManager { * HTTP proxy. A {@code null} value will clear the global HTTP proxy. * @hide */ - @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) + @RequiresPermission(android.Manifest.permission.NETWORK_STACK) public void setGlobalProxy(ProxyInfo p) { try { mService.setGlobalProxy(p); @@ -3123,6 +3128,7 @@ public class ConnectivityManager { * Get the mobile provisioning url. * {@hide} */ + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public String getMobileProvisioningUrl() { try { return mService.getMobileProvisioningUrl(); @@ -3169,6 +3175,7 @@ public class ConnectivityManager { /** {@hide} - returns the factory serial number */ @UnsupportedAppUsage + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public int registerNetworkFactory(Messenger messenger, String name) { try { return mService.registerNetworkFactory(messenger, name); @@ -3179,6 +3186,7 @@ public class ConnectivityManager { /** {@hide} */ @UnsupportedAppUsage(maxTargetSdk = Build.VERSION_CODES.P, trackingBug = 115609023) + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public void unregisterNetworkFactory(Messenger messenger) { try { mService.unregisterNetworkFactory(messenger); @@ -3196,6 +3204,7 @@ public class ConnectivityManager { * Register a NetworkAgent with ConnectivityService. * @return NetID corresponding to NetworkAgent. */ + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public int registerNetworkAgent(Messenger messenger, NetworkInfo ni, LinkProperties lp, NetworkCapabilities nc, int score, NetworkMisc misc) { return registerNetworkAgent(messenger, ni, lp, nc, score, misc, @@ -3207,6 +3216,7 @@ public class ConnectivityManager { * Register a NetworkAgent with ConnectivityService. * @return NetID corresponding to NetworkAgent. */ + @RequiresPermission(android.Manifest.permission.NETWORK_FACTORY) public int registerNetworkAgent(Messenger messenger, NetworkInfo ni, LinkProperties lp, NetworkCapabilities nc, int score, NetworkMisc misc, int factorySerialNumber) { try { @@ -4201,7 +4211,7 @@ public class ConnectivityManager { * * @hide */ - @RequiresPermission(android.Manifest.permission.CONNECTIVITY_INTERNAL) + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public void startCaptivePortalApp(Network network) { try { mService.startCaptivePortalApp(network); @@ -4317,6 +4327,7 @@ public class ConnectivityManager { * Resets all connectivity manager settings back to factory defaults. * @hide */ + @RequiresPermission(android.Manifest.permission.NETWORK_SETTINGS) public void factoryReset() { try { mService.factoryReset(); diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 36f44e48b8..b6e8db03a5 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -1395,7 +1395,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public Network getActiveNetworkForUid(int uid, boolean ignoreBlocked) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); return getActiveNetworkForUidInternal(uid, ignoreBlocked); } @@ -1437,7 +1437,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public NetworkInfo getActiveNetworkInfoForUid(int uid, boolean ignoreBlocked) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); final NetworkState state = getUnfilteredActiveNetworkState(uid); filterNetworkStateForUid(state, uid, ignoreBlocked); return state.networkInfo; @@ -1656,8 +1656,8 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public NetworkState[] getAllNetworkState() { - // Require internal since we're handing out IMSI details - enforceConnectivityInternalPermission(); + // This contains IMSI details, so make sure the caller is privileged. + NetworkStack.checkNetworkStackPermission(mContext); final ArrayList result = Lists.newArrayList(); for (Network network : getAllNetworks()) { @@ -1735,7 +1735,7 @@ public class ConnectivityService extends IConnectivityManager.Stub } enforceChangePermission(); if (mProtectedNetworks.contains(networkType)) { - enforceConnectivityInternalPermission(); + enforceConnectivityRestrictedNetworksPermission(); } InetAddress addr; @@ -2005,6 +2005,12 @@ public class ConnectivityService extends IConnectivityManager.Stub NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK); } + private void enforceNetworkFactoryPermission() { + mContext.enforceCallingOrSelfPermission( + android.Manifest.permission.NETWORK_FACTORY, + "ConnectivityService"); + } + private boolean checkSettingsPermission() { return checkAnyPermissionOf( android.Manifest.permission.NETWORK_SETTINGS, @@ -2024,18 +2030,19 @@ public class ConnectivityService extends IConnectivityManager.Stub "ConnectivityService"); } - private void enforceConnectivityInternalPermission() { - enforceAnyPermissionOf( - android.Manifest.permission.CONNECTIVITY_INTERNAL, - NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK); - } - private void enforceControlAlwaysOnVpnPermission() { mContext.enforceCallingOrSelfPermission( android.Manifest.permission.CONTROL_ALWAYS_ON_VPN, "ConnectivityService"); } + private void enforceNetworkStackOrSettingsPermission() { + enforceAnyPermissionOf( + android.Manifest.permission.NETWORK_SETTINGS, + android.Manifest.permission.NETWORK_STACK, + NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK); + } + private void enforceNetworkStackSettingsOrSetup() { enforceAnyPermissionOf( android.Manifest.permission.NETWORK_SETTINGS, @@ -2063,7 +2070,11 @@ public class ConnectivityService extends IConnectivityManager.Stub "ConnectivityService"); return; } catch (SecurityException e) { /* fallback to ConnectivityInternalPermission */ } - enforceConnectivityInternalPermission(); + // TODO: Remove this fallback check after all apps have declared + // CONNECTIVITY_USE_RESTRICTED_NETWORKS. + mContext.enforceCallingOrSelfPermission( + android.Manifest.permission.CONNECTIVITY_INTERNAL, + "ConnectivityService"); } private void enforceKeepalivePermission() { @@ -2072,7 +2083,7 @@ public class ConnectivityService extends IConnectivityManager.Stub // Public because it's used by mLockdownTracker. public void sendConnectedBroadcast(NetworkInfo info) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); sendGeneralBroadcast(info, CONNECTIVITY_ACTION); } @@ -3589,7 +3600,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void startCaptivePortalApp(Network network) { - enforceConnectivityInternalPermission(); + enforceNetworkStackOrSettingsPermission(); mHandler.post(() -> { NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network); if (nai == null) return; @@ -4080,7 +4091,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String[] getTetheredDhcpRanges() { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); return mTetheringManager.getTetheredDhcpRanges(); } @@ -4304,7 +4315,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void setGlobalProxy(final ProxyInfo proxyProperties) { - enforceConnectivityInternalPermission(); + NetworkStack.checkNetworkStackPermission(mContext); mProxyTracker.setGlobalProxy(proxyProperties); } @@ -4843,7 +4854,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String getMobileProvisioningUrl() { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); String url = getProvisioningUrlBaseFromFile(); if (TextUtils.isEmpty(url)) { url = mContext.getResources().getString(R.string.mobile_provisioning_url); @@ -4869,7 +4880,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void setProvisioningNotificationVisible(boolean visible, int networkType, String action) { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); if (!ConnectivityManager.isNetworkTypeValid(networkType)) { return; } @@ -5457,7 +5468,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public int registerNetworkFactory(Messenger messenger, String name) { - enforceConnectivityInternalPermission(); + enforceNetworkFactoryPermission(); NetworkFactoryInfo nfi = new NetworkFactoryInfo(name, messenger, new AsyncChannel(), NetworkFactory.SerialNumber.nextSerialNumber()); mHandler.sendMessage(mHandler.obtainMessage(EVENT_REGISTER_NETWORK_FACTORY, nfi)); @@ -5472,7 +5483,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void unregisterNetworkFactory(Messenger messenger) { - enforceConnectivityInternalPermission(); + enforceNetworkFactoryPermission(); mHandler.sendMessage(mHandler.obtainMessage(EVENT_UNREGISTER_NETWORK_FACTORY, messenger)); } @@ -5571,7 +5582,7 @@ public class ConnectivityService extends IConnectivityManager.Stub public int registerNetworkAgent(Messenger messenger, NetworkInfo networkInfo, LinkProperties linkProperties, NetworkCapabilities networkCapabilities, int currentScore, NetworkMisc networkMisc, int factorySerialNumber) { - enforceConnectivityInternalPermission(); + enforceNetworkFactoryPermission(); LinkProperties lp = new LinkProperties(linkProperties); lp.ensureDirectlyConnectedRoutes(); @@ -6935,7 +6946,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String getCaptivePortalServerUrl() { - enforceConnectivityInternalPermission(); + enforceNetworkStackOrSettingsPermission(); String settingUrl = mContext.getResources().getString( R.string.config_networkCaptivePortalServerUrl); @@ -6988,7 +6999,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public void factoryReset() { - enforceConnectivityInternalPermission(); + enforceSettingsPermission(); if (mUserManager.hasUserRestriction(UserManager.DISALLOW_NETWORK_RESET)) { return; diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java index 56f4959a97..f0b7150dd8 100644 --- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java +++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java @@ -17,7 +17,6 @@ package com.android.server.connectivity; import static android.Manifest.permission.CHANGE_NETWORK_STATE; -import static android.Manifest.permission.CONNECTIVITY_INTERNAL; import static android.Manifest.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS; import static android.Manifest.permission.INTERNET; import static android.Manifest.permission.NETWORK_STACK; @@ -25,6 +24,7 @@ import static android.Manifest.permission.UPDATE_DEVICE_STATS; import static android.content.pm.PackageInfo.REQUESTED_PERMISSION_GRANTED; import static android.content.pm.PackageManager.GET_PERMISSIONS; import static android.content.pm.PackageManager.MATCH_ANY_USER; +import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK; import static android.os.Process.INVALID_UID; import static android.os.Process.SYSTEM_UID; @@ -259,7 +259,8 @@ public class PermissionMonitor { return true; } } - return hasPermission(app, CONNECTIVITY_INTERNAL) + + return hasPermission(app, PERMISSION_MAINLINE_NETWORK_STACK) || hasPermission(app, NETWORK_STACK) || hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS); } diff --git a/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java b/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java index 2738daaa53..39f849c340 100644 --- a/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java +++ b/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java @@ -265,6 +265,8 @@ public class PermissionMonitorTest { assertFalse(mPermissionMonitor.hasNetworkPermission(app)); app = systemPackageInfoWithPermissions(CONNECTIVITY_USE_RESTRICTED_NETWORKS); assertFalse(mPermissionMonitor.hasNetworkPermission(app)); + app = systemPackageInfoWithPermissions(CONNECTIVITY_INTERNAL); + assertFalse(mPermissionMonitor.hasNetworkPermission(app)); } @Test @@ -274,7 +276,7 @@ public class PermissionMonitorTest { PARTITION_SYSTEM, VERSION_P, MOCK_UID1, CHANGE_NETWORK_STATE)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, MOCK_UID1, NETWORK_STACK)); - assertTrue(hasRestrictedNetworkPermission( + assertFalse(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, MOCK_UID1, CONNECTIVITY_INTERNAL)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, MOCK_UID1, CONNECTIVITY_USE_RESTRICTED_NETWORKS)); @@ -283,7 +285,7 @@ public class PermissionMonitorTest { assertFalse(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_Q, MOCK_UID1)); assertFalse(hasRestrictedNetworkPermission( - PARTITION_SYSTEM, VERSION_Q, MOCK_UID1, CHANGE_WIFI_STATE)); + PARTITION_SYSTEM, VERSION_Q, MOCK_UID1, CONNECTIVITY_INTERNAL)); } @Test @@ -291,14 +293,14 @@ public class PermissionMonitorTest { doReturn(VERSION_P).when(mPermissionMonitor).getDeviceFirstSdkInt(); assertTrue(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_P, SYSTEM_UID)); assertTrue(hasRestrictedNetworkPermission( - PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CHANGE_WIFI_STATE)); + PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CONNECTIVITY_INTERNAL)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CONNECTIVITY_USE_RESTRICTED_NETWORKS)); doReturn(VERSION_Q).when(mPermissionMonitor).getDeviceFirstSdkInt(); assertFalse(hasRestrictedNetworkPermission(PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID)); assertFalse(hasRestrictedNetworkPermission( - PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CHANGE_WIFI_STATE)); + PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CONNECTIVITY_INTERNAL)); assertTrue(hasRestrictedNetworkPermission( PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CONNECTIVITY_USE_RESTRICTED_NETWORKS)); } @@ -319,7 +321,7 @@ public class PermissionMonitorTest { assertFalse(hasRestrictedNetworkPermission(PARTITION_VENDOR, VERSION_Q, MOCK_UID1)); assertFalse(hasRestrictedNetworkPermission( - PARTITION_VENDOR, VERSION_Q, MOCK_UID1, CHANGE_WIFI_STATE)); + PARTITION_VENDOR, VERSION_Q, MOCK_UID1, CONNECTIVITY_INTERNAL)); assertFalse(hasRestrictedNetworkPermission( PARTITION_VENDOR, VERSION_Q, MOCK_UID1, CHANGE_NETWORK_STATE)); } @@ -337,7 +339,7 @@ public class PermissionMonitorTest { public void testHasUseBackgroundNetworksPermission() throws Exception { assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(SYSTEM_UID)); assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID); - assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID, CHANGE_WIFI_STATE); + assertBackgroundPermission(false, SYSTEM_PACKAGE1, SYSTEM_UID, CONNECTIVITY_INTERNAL); assertBackgroundPermission(true, SYSTEM_PACKAGE1, SYSTEM_UID, CHANGE_NETWORK_STATE); assertBackgroundPermission(true, SYSTEM_PACKAGE1, SYSTEM_UID, NETWORK_STACK); @@ -348,8 +350,9 @@ public class PermissionMonitorTest { assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID2)); assertBackgroundPermission(false, MOCK_PACKAGE2, MOCK_UID2); - assertBackgroundPermission(true, MOCK_PACKAGE2, MOCK_UID2, + assertBackgroundPermission(false, MOCK_PACKAGE2, MOCK_UID2, CONNECTIVITY_INTERNAL); + assertBackgroundPermission(true, MOCK_PACKAGE2, MOCK_UID2, NETWORK_STACK); } private class NetdMonitor {