From b4f31a2f5638c71782e743b11745434bf9b4107e Mon Sep 17 00:00:00 2001 From: Udam Saini Date: Wed, 7 Jun 2017 12:06:28 -0700 Subject: [PATCH] Adds necessary permissions to system apis adds privileged permission for getCaptivePortalServerUrl adds tether privileged permission for startTethering,isTetheringSupported bug:62348162 Test: make and manual testing Change-Id: I8eb8e3c9dcd7201abe9ea303ee57fe99073d67eb --- core/java/android/net/ConnectivityManager.java | 7 +++++-- core/java/android/net/IConnectivityManager.aidl | 2 +- .../java/com/android/server/ConnectivityService.java | 11 ++++++++--- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java index 3460f564fc..583cf32049 100644 --- a/core/java/android/net/ConnectivityManager.java +++ b/core/java/android/net/ConnectivityManager.java @@ -1125,6 +1125,7 @@ public class ConnectivityManager { * @hide */ @SystemApi + @RequiresPermission(android.Manifest.permission.LOCAL_MAC_ADDRESS) public String getCaptivePortalServerUrl() { try { return mService.getCaptivePortalServerUrl(); @@ -2088,10 +2089,11 @@ public class ConnectivityManager { * {@hide} */ @SystemApi - @RequiresPermission(android.Manifest.permission.ACCESS_NETWORK_STATE) + @RequiresPermission(android.Manifest.permission.TETHER_PRIVILEGED) public boolean isTetheringSupported() { try { - return mService.isTetheringSupported(); + String pkgName = mContext.getOpPackageName(); + return mService.isTetheringSupported(pkgName); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } @@ -2121,6 +2123,7 @@ public class ConnectivityManager { * @hide */ @SystemApi + @RequiresPermission(android.Manifest.permission.TETHER_PRIVILEGED) public void startTethering(int type, boolean showProvisioningUi, final OnStartTetheringCallback callback) { startTethering(type, showProvisioningUi, callback, null); diff --git a/core/java/android/net/IConnectivityManager.aidl b/core/java/android/net/IConnectivityManager.aidl index b9dd207aaa..a6fe7389bc 100644 --- a/core/java/android/net/IConnectivityManager.aidl +++ b/core/java/android/net/IConnectivityManager.aidl @@ -75,7 +75,7 @@ interface IConnectivityManager int getLastTetherError(String iface); - boolean isTetheringSupported(); + boolean isTetheringSupported(String callerPkg); void startTethering(int type, in ResultReceiver receiver, boolean showProvisioningUi, String callerPkg); diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index be236f9465..a764ad4f33 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -2979,12 +2979,16 @@ public class ConnectivityService extends IConnectivityManager.Stub return mTethering.getTetheredDhcpRanges(); } + @Override + public boolean isTetheringSupported(String callerPkg) { + ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg); + return isTetheringSupported(); + } + // if ro.tether.denied = true we default to no tethering // gservices could set the secure setting to 1 though to enable it on a build where it // had previously been turned off. - @Override - public boolean isTetheringSupported() { - enforceTetherAccessPermission(); + private boolean isTetheringSupported() { int defaultVal = encodeBool(!mSystemProperties.get("ro.tether.denied").equals("true")); boolean tetherSupported = toBool(Settings.Global.getInt(mContext.getContentResolver(), Settings.Global.TETHER_SUPPORTED, defaultVal)); @@ -5455,6 +5459,7 @@ public class ConnectivityService extends IConnectivityManager.Stub @Override public String getCaptivePortalServerUrl() { + enforceConnectivityInternalPermission(); return NetworkMonitor.getCaptivePortalServerHttpUrl(mContext); }