From 8f7d6a7ece49169b70100e0f5833d5801323d976 Mon Sep 17 00:00:00 2001 From: Udam Saini Date: Wed, 7 Jun 2017 12:06:28 -0700 Subject: [PATCH] Adds necessary permissions to system apis adds privileged permission for getCaptivePortalServerUrl adds tether privileged permission for startTethering,isTetheringSupported bug:62348162 Test: make and manual testing Change-Id: I8eb8e3c9dcd7201abe9ea303ee57fe99073d67eb --- core/java/android/net/ConnectivityManager.java | 7 +++++-- core/java/android/net/IConnectivityManager.aidl | 2 +- .../java/com/android/server/ConnectivityService.java | 11 ++++++++--- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java index f478071423..c2786e6cbf 100644 --- a/core/java/android/net/ConnectivityManager.java +++ b/core/java/android/net/ConnectivityManager.java @@ -1098,6 +1098,7 @@ public class ConnectivityManager { * @hide */ @SystemApi + @RequiresPermission(android.Manifest.permission.LOCAL_MAC_ADDRESS) public String getCaptivePortalServerUrl() { try { return mService.getCaptivePortalServerUrl(); @@ -2061,10 +2062,11 @@ public class ConnectivityManager { * {@hide} */ @SystemApi - @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) + @RequiresPermission(android.Manifest.permission.TETHER_PRIVILEGED) public boolean isTetheringSupported() { try { - return mService.isTetheringSupported(); + String pkgName = mContext.getOpPackageName(); + return mService.isTetheringSupported(pkgName); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } @@ -2094,6 +2096,7 @@ public class ConnectivityManager { * @hide */ @SystemApi + @RequiresPermission(android.Manifest.permission.TETHER_PRIVILEGED) public void startTethering(int type, boolean showProvisioningUi, final OnStartTetheringCallback callback) { startTethering(type, showProvisioningUi, callback, null); diff --git a/core/java/android/net/IConnectivityManager.aidl b/core/java/android/net/IConnectivityManager.aidl index 27729dcce7..14cee3604d 100644 --- a/core/java/android/net/IConnectivityManager.aidl +++ b/core/java/android/net/IConnectivityManager.aidl @@ -75,7 +75,7 @@ interface IConnectivityManager int getLastTetherError(String iface); - boolean isTetheringSupported(); + boolean isTetheringSupported(String callerPkg); void startTethering(int type, in ResultReceiver receiver, boolean showProvisioningUi, String callerPkg); diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 224845ce68..98389a663f 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -2973,12 +2973,16 @@ public class ConnectivityService extends IConnectivityManager.Stub return mTethering.getTetheredDhcpRanges(); } + @Override + public boolean isTetheringSupported(String callerPkg) { + ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg); + return isTetheringSupported(); + } + // if ro.tether.denied = true we default to no tethering // gservices could set the secure setting to 1 though to enable it on a build where it // had previously been turned off. - @Override - public boolean isTetheringSupported() { - enforceTetherAccessPermission(); + private boolean isTetheringSupported() { int defaultVal = encodeBool(!mSystemProperties.get("ro.tether.denied").equals("true")); boolean tetherSupported = toBool(Settings.Global.getInt(mContext.getContentResolver(), Settings.Global.TETHER_SUPPORTED, defaultVal)); @@ -5380,6 +5384,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String getCaptivePortalServerUrl() { + enforceConnectivityInternalPermission(); return NetworkMonitor.getCaptivePortalServerHttpUrl(mContext); }