Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2e31a7c0 authored by Lorenzo Colitti's avatar Lorenzo Colitti
Browse files

Make requestRouteToHost a no-op for system callers. 

Everything in the system should now be using proper multinetwork
APIs instead of this insecure and error-prone API.

Make this method do nothing when called by the system. For now,
keep the code around for backwards compatibility for apps
targeting Android releases before M.

Bug: 25824776
Bug: 25876485
Test: FrameworksNetTests pass
Test: CtsNetTestCasesLegacyApi22 pass
Test: CtsNetTestCasesLegacyPermission22 pass
Test: android.net.cts.ConnectivityManagerTest passes
Change-Id: I9b3557faccccc95c7b954db6a13b853b4c7edea0
parent 5604cc25

core/java/android/net/ConnectivityManager.java

+3 −8
Original line number Diff line number Diff line
@@ -26,7 +26,6 @@ import android.annotation.UnsupportedAppUsage; 
import android.app.PendingIntent;

import android.content.Context;

import android.content.Intent;

import android.content.pm.PackageManager;

import android.os.Binder;

import android.os.Build.VERSION_CODES;

import android.os.Bundle;
@@ -3801,8 +3800,9 @@ public class ConnectivityManager { 


    private void unsupportedStartingFrom(int version) {

        if (Process.myUid() == Process.SYSTEM_UID) {

            // The getApplicationInfo() call we make below is not supported in system context, and

            // we want to allow the system to use these APIs anyway.

            // The getApplicationInfo() call we make below is not supported in system context. Let

            // the call through here, and rely on the fact that ConnectivityService will refuse to

            // allow the system to use these APIs anyway.

            return;

        }
@@ -3819,11 +3819,6 @@ public class ConnectivityManager { 
    // functions by accessing ConnectivityService directly. However, it should be clear that doing

    // so is unsupported and may break in the future. http://b/22728205

    private void checkLegacyRoutingApiAccess() {

        if (mContext.checkCallingOrSelfPermission("com.android.permission.INJECT_OMADM_SETTINGS")

                == PackageManager.PERMISSION_GRANTED) {

            return;

        }



        unsupportedStartingFrom(VERSION_CODES.M);

    }

services/core/java/com/android/server/ConnectivityService.java

+17 −0
Original line number Diff line number Diff line
@@ -1475,6 +1475,20 @@ public class ConnectivityService extends IConnectivityManager.Stub 
        }

    };



    /**

     * Ensures that the system cannot call a particular method.

     */

    private boolean disallowedBecauseSystemCaller() {

        // TODO: start throwing a SecurityException when GnssLocationProvider stops calling

        // requestRouteToHost.

        if (isSystem(Binder.getCallingUid())) {

            log("This method exists only for app backwards compatibility"

                    + " and must not be called by system services.");

            return true;

        }

        return false;

    }



    /**

     * Ensure that a network route exists to deliver traffic to the specified

     * host via the specified network interface.
@@ -1486,6 +1500,9 @@ public class ConnectivityService extends IConnectivityManager.Stub 
     */

    @Override

    public boolean requestRouteToHostAddress(int networkType, byte[] hostAddress) {

        if (disallowedBecauseSystemCaller()) {

            return false;

        }

        enforceChangePermission();

        if (mProtectedNetworks.contains(networkType)) {

            enforceConnectivityInternalPermission();