Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 335d2ede authored by Tetsutoki Shiozawa's avatar Tetsutoki Shiozawa Committed by Shunta Sato
Browse files

Make tetherChangePermission to be secured for AppOps permission 

Symptom:
AppOps verified the incorrect package of calling tether state
changing API.
It threw SecurityException by mistake.

Solution:
Pass the correct package name to enforceTetherChangePermission.

Bug: 32931147
Change-Id: Ia1167f26f556678b189a24a4a716f1a7e5cb12eb
parent 58b5789c

core/java/android/net/ConnectivityManager.java

+25 −9
Original line number Diff line number Diff line
@@ -1863,8 +1863,12 @@ public class ConnectivityManager { 
                .getPackageNameForUid(context, uid), true /* throwException */);

    }



    /** {@hide */

    public static final void enforceTetherChangePermission(Context context) {

    /** {@hide} */

    public static final void enforceTetherChangePermission(Context context, String callingPkg) {

        if (null == context || null == callingPkg) {

            throw new IllegalArgumentException("arguments should not be null");

        }



        if (context.getResources().getStringArray(

                com.android.internal.R.array.config_mobile_hotspot_provision_app).length == 2) {

            // Have a provisioning app - must only let system apps (which check this app)
@@ -1873,8 +1877,10 @@ public class ConnectivityManager { 
                    android.Manifest.permission.TETHER_PRIVILEGED, "ConnectivityService");

        } else {

            int uid = Binder.getCallingUid();

            Settings.checkAndNoteWriteSettingsOperation(context, uid, Settings

                    .getPackageNameForUid(context, uid), true /* throwException */);

            // If callingPkg's uid is not same as Binder.getCallingUid(),

            // AppOpsService throws SecurityException.

            Settings.checkAndNoteWriteSettingsOperation(context, uid, callingPkg,

                    true /* throwException */);

        }

    }
@@ -1997,7 +2003,9 @@ public class ConnectivityManager { 
     */

    public int tether(String iface) {

        try {

            return mService.tether(iface);

            String pkgName = mContext.getOpPackageName();

            Log.i(TAG, "tether caller:" + pkgName);

            return mService.tether(iface, pkgName);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }
@@ -2023,7 +2031,9 @@ public class ConnectivityManager { 
     */

    public int untether(String iface) {

        try {

            return mService.untether(iface);

            String pkgName = mContext.getOpPackageName();

            Log.i(TAG, "untether caller:" + pkgName);

            return mService.untether(iface, pkgName);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }
@@ -2114,7 +2124,9 @@ public class ConnectivityManager { 
        };



        try {

            mService.startTethering(type, wrappedCallback, showProvisioningUi);

            String pkgName = mContext.getOpPackageName();

            Log.i(TAG, "startTethering caller:" + pkgName);

            mService.startTethering(type, wrappedCallback, showProvisioningUi, pkgName);

        } catch (RemoteException e) {

            Log.e(TAG, "Exception trying to start tethering.", e);

            wrappedCallback.send(TETHER_ERROR_SERVICE_UNAVAIL, null);
@@ -2134,7 +2146,9 @@ public class ConnectivityManager { 
    @SystemApi

    public void stopTethering(int type) {

        try {

            mService.stopTethering(type);

            String pkgName = mContext.getOpPackageName();

            Log.i(TAG, "stopTethering caller:" + pkgName);

            mService.stopTethering(type, pkgName);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }
@@ -2219,7 +2233,9 @@ public class ConnectivityManager { 
     */

    public int setUsbTethering(boolean enable) {

        try {

            return mService.setUsbTethering(enable);

            String pkgName = mContext.getOpPackageName();

            Log.i(TAG, "setUsbTethering caller:" + pkgName);

            return mService.setUsbTethering(enable, pkgName);

        } catch (RemoteException e) {

            throw e.rethrowFromSystemServer();

        }

core/java/android/net/IConnectivityManager.aidl

+6 −5
Original line number Diff line number Diff line
@@ -69,17 +69,18 @@ interface IConnectivityManager 


    boolean requestRouteToHostAddress(int networkType, in byte[] hostAddress);



    int tether(String iface);

    int tether(String iface, String callerPkg);



    int untether(String iface);

    int untether(String iface, String callerPkg);



    int getLastTetherError(String iface);



    boolean isTetheringSupported();



    void startTethering(int type, in ResultReceiver receiver, boolean showProvisioningUi);

    void startTethering(int type, in ResultReceiver receiver, boolean showProvisioningUi,

            String callerPkg);



    void stopTethering(int type);

    void stopTethering(int type, String callerPkg);



    String[] getTetherableIfaces();
@@ -95,7 +96,7 @@ interface IConnectivityManager 


    String[] getTetherableBluetoothRegexs();



    int setUsbTethering(boolean enable);

    int setUsbTethering(boolean enable, String callerPkg);



    void reportInetCondition(int networkType, int percentage);

services/core/java/com/android/server/ConnectivityService.java

+13 −11
Original line number Diff line number Diff line
@@ -2948,8 +2948,8 @@ public class ConnectivityService extends IConnectivityManager.Stub 


    // javadoc from interface

    @Override

    public int tether(String iface) {

        ConnectivityManager.enforceTetherChangePermission(mContext);

    public int tether(String iface, String callerPkg) {

        ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg);

        if (isTetheringSupported()) {

            final int status = mTethering.tether(iface);

            return status;
@@ -2960,8 +2960,8 @@ public class ConnectivityService extends IConnectivityManager.Stub 


    // javadoc from interface

    @Override

    public int untether(String iface) {

        ConnectivityManager.enforceTetherChangePermission(mContext);

    public int untether(String iface, String callerPkg) {

        ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg);



        if (isTetheringSupported()) {

            final int status = mTethering.untether(iface);
@@ -3015,8 +3015,8 @@ public class ConnectivityService extends IConnectivityManager.Stub 
    }



    @Override

    public int setUsbTethering(boolean enable) {

        ConnectivityManager.enforceTetherChangePermission(mContext);

    public int setUsbTethering(boolean enable, String callerPkg) {

        ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg);

        if (isTetheringSupported()) {

            return mTethering.setUsbTethering(enable);

        } else {
@@ -3075,8 +3075,9 @@ public class ConnectivityService extends IConnectivityManager.Stub 
    }



    @Override

    public void startTethering(int type, ResultReceiver receiver, boolean showProvisioningUi) {

        ConnectivityManager.enforceTetherChangePermission(mContext);

    public void startTethering(int type, ResultReceiver receiver, boolean showProvisioningUi,

            String callerPkg) {

        ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg);

        if (!isTetheringSupported()) {

            receiver.send(ConnectivityManager.TETHER_ERROR_UNSUPPORTED, null);

            return;
@@ -3085,8 +3086,8 @@ public class ConnectivityService extends IConnectivityManager.Stub 
    }



    @Override

    public void stopTethering(int type) {

        ConnectivityManager.enforceTetherChangePermission(mContext);

    public void stopTethering(int type, String callerPkg) {

        ConnectivityManager.enforceTetherChangePermission(mContext, callerPkg);

        mTethering.stopTethering(type);

    }
@@ -5482,8 +5483,9 @@ public class ConnectivityService extends IConnectivityManager.Stub 


        if (!mUserManager.hasUserRestriction(UserManager.DISALLOW_CONFIG_TETHERING)) {

            // Untether

            String pkgName = mContext.getOpPackageName();

            for (String tether : getTetheredIfaces()) {

                untether(tether);

                untether(tether, pkgName);

            }

        }