Loading packages/Tethering/src/com/android/networkstack/tethering/TetheringService.java +15 −2 Original line number Diff line number Diff line Loading @@ -17,8 +17,10 @@ package com.android.networkstack.tethering; import static android.Manifest.permission.ACCESS_NETWORK_STATE; import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.TETHER_PRIVILEGED; import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK; import static android.net.TetheringManager.TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION; import static android.net.TetheringManager.TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION; import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR; Loading Loading @@ -240,15 +242,26 @@ public class TetheringService extends Service { return false; } private boolean hasNetworkStackPermission() { return checkCallingOrSelfPermission(NETWORK_STACK) || checkCallingOrSelfPermission(PERMISSION_MAINLINE_NETWORK_STACK); } private boolean hasTetherPrivilegedPermission() { return mService.checkCallingOrSelfPermission(TETHER_PRIVILEGED) == PERMISSION_GRANTED; return checkCallingOrSelfPermission(TETHER_PRIVILEGED); } private boolean checkCallingOrSelfPermission(final String permission) { return mService.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED; } private boolean hasTetherChangePermission(final String callerPkg, final boolean onlyAllowPrivileged) { if (onlyAllowPrivileged && !hasNetworkStackPermission()) return false; if (hasTetherPrivilegedPermission()) return true; if (onlyAllowPrivileged || mTethering.isTetherProvisioningRequired()) return false; if (mTethering.isTetherProvisioningRequired()) return false; int uid = Binder.getCallingUid(); // If callerPkg's uid is not same as Binder.getCallingUid(), Loading packages/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -339,7 +339,7 @@ public class EthernetTetheringTest { private MyTetheringEventCallback enableEthernetTethering(String iface) throws Exception { return enableEthernetTethering(iface, new TetheringRequest.Builder(TETHERING_ETHERNET) .setExemptFromEntitlementCheck(true).build()); .setShouldShowEntitlementUi(false).build()); } private int getMTU(TestNetworkInterface iface) throws SocketException { Loading Loading @@ -510,7 +510,7 @@ public class EthernetTetheringTest { LinkAddress clientAddr = client == null ? null : new LinkAddress(client); return new TetheringRequest.Builder(TETHERING_ETHERNET) .setStaticIpv4Addresses(localAddr, clientAddr) .setExemptFromEntitlementCheck(true).build(); .setShouldShowEntitlementUi(false).build(); } private void assertInvalidStaticIpv4Request(String iface, String local, String client) Loading packages/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringServiceTest.java +17 −6 Original line number Diff line number Diff line Loading @@ -274,21 +274,32 @@ public final class TetheringServiceTest { }); } private void runStartTetheringAndVerifyNoPermission(final TestTetheringResult result) throws Exception { final TetheringRequestParcel request = new TetheringRequestParcel(); request.tetheringType = TETHERING_WIFI; request.exemptFromEntitlementCheck = true; mTetheringConnector.startTethering(request, TEST_CALLER_PKG, result); result.assertResult(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION); verifyNoMoreInteractionsForTethering(); } @Test public void testStartTetheringWithExemptFromEntitlementCheck() throws Exception { public void testFailToBypassEntitlementWithoutNeworkStackPermission() throws Exception { final TetheringRequestParcel request = new TetheringRequestParcel(); request.tetheringType = TETHERING_WIFI; request.exemptFromEntitlementCheck = true; runAsNoPermission((result) -> { runStartTetheringAndVerifyNoPermission(result); }); runAsTetherPrivileged((result) -> { runStartTethering(result, request); verifyNoMoreInteractionsForTethering(); runStartTetheringAndVerifyNoPermission(result); }); runAsWriteSettings((result) -> { mTetheringConnector.startTethering(request, TEST_CALLER_PKG, result); result.assertResult(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION); verifyNoMoreInteractionsForTethering(); runStartTetheringAndVerifyNoPermission(result); }); } Loading Loading
packages/Tethering/src/com/android/networkstack/tethering/TetheringService.java +15 −2 Original line number Diff line number Diff line Loading @@ -17,8 +17,10 @@ package com.android.networkstack.tethering; import static android.Manifest.permission.ACCESS_NETWORK_STATE; import static android.Manifest.permission.NETWORK_STACK; import static android.Manifest.permission.TETHER_PRIVILEGED; import static android.content.pm.PackageManager.PERMISSION_GRANTED; import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK; import static android.net.TetheringManager.TETHER_ERROR_NO_ACCESS_TETHERING_PERMISSION; import static android.net.TetheringManager.TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION; import static android.net.TetheringManager.TETHER_ERROR_NO_ERROR; Loading Loading @@ -240,15 +242,26 @@ public class TetheringService extends Service { return false; } private boolean hasNetworkStackPermission() { return checkCallingOrSelfPermission(NETWORK_STACK) || checkCallingOrSelfPermission(PERMISSION_MAINLINE_NETWORK_STACK); } private boolean hasTetherPrivilegedPermission() { return mService.checkCallingOrSelfPermission(TETHER_PRIVILEGED) == PERMISSION_GRANTED; return checkCallingOrSelfPermission(TETHER_PRIVILEGED); } private boolean checkCallingOrSelfPermission(final String permission) { return mService.checkCallingOrSelfPermission(permission) == PERMISSION_GRANTED; } private boolean hasTetherChangePermission(final String callerPkg, final boolean onlyAllowPrivileged) { if (onlyAllowPrivileged && !hasNetworkStackPermission()) return false; if (hasTetherPrivilegedPermission()) return true; if (onlyAllowPrivileged || mTethering.isTetherProvisioningRequired()) return false; if (mTethering.isTetherProvisioningRequired()) return false; int uid = Binder.getCallingUid(); // If callerPkg's uid is not same as Binder.getCallingUid(), Loading
packages/Tethering/tests/integration/src/android/net/EthernetTetheringTest.java +2 −2 Original line number Diff line number Diff line Loading @@ -339,7 +339,7 @@ public class EthernetTetheringTest { private MyTetheringEventCallback enableEthernetTethering(String iface) throws Exception { return enableEthernetTethering(iface, new TetheringRequest.Builder(TETHERING_ETHERNET) .setExemptFromEntitlementCheck(true).build()); .setShouldShowEntitlementUi(false).build()); } private int getMTU(TestNetworkInterface iface) throws SocketException { Loading Loading @@ -510,7 +510,7 @@ public class EthernetTetheringTest { LinkAddress clientAddr = client == null ? null : new LinkAddress(client); return new TetheringRequest.Builder(TETHERING_ETHERNET) .setStaticIpv4Addresses(localAddr, clientAddr) .setExemptFromEntitlementCheck(true).build(); .setShouldShowEntitlementUi(false).build(); } private void assertInvalidStaticIpv4Request(String iface, String local, String client) Loading
packages/Tethering/tests/unit/src/com/android/networkstack/tethering/TetheringServiceTest.java +17 −6 Original line number Diff line number Diff line Loading @@ -274,21 +274,32 @@ public final class TetheringServiceTest { }); } private void runStartTetheringAndVerifyNoPermission(final TestTetheringResult result) throws Exception { final TetheringRequestParcel request = new TetheringRequestParcel(); request.tetheringType = TETHERING_WIFI; request.exemptFromEntitlementCheck = true; mTetheringConnector.startTethering(request, TEST_CALLER_PKG, result); result.assertResult(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION); verifyNoMoreInteractionsForTethering(); } @Test public void testStartTetheringWithExemptFromEntitlementCheck() throws Exception { public void testFailToBypassEntitlementWithoutNeworkStackPermission() throws Exception { final TetheringRequestParcel request = new TetheringRequestParcel(); request.tetheringType = TETHERING_WIFI; request.exemptFromEntitlementCheck = true; runAsNoPermission((result) -> { runStartTetheringAndVerifyNoPermission(result); }); runAsTetherPrivileged((result) -> { runStartTethering(result, request); verifyNoMoreInteractionsForTethering(); runStartTetheringAndVerifyNoPermission(result); }); runAsWriteSettings((result) -> { mTetheringConnector.startTethering(request, TEST_CALLER_PKG, result); result.assertResult(TETHER_ERROR_NO_CHANGE_TETHERING_PERMISSION); verifyNoMoreInteractionsForTethering(); runStartTetheringAndVerifyNoPermission(result); }); } Loading
