Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6513fcdc authored by Chiachang Wang's avatar Chiachang Wang
Browse files

Replace hidden NMS permission control API 

Replace the hidden setNetworkPermission NMS APIs with accessing
INetd directly for the incoming ConnectivityService mainline.

Bug: 170598012
Test: atest FrameworksNetTests CtsNetTestCasesLatestSdk
Change-Id: I37ed1003355677b98cbb741f774ba0fa4d193572
parent 8d39f189

core/java/android/os/INetworkManagementService.aidl

+0 −7
Original line number Diff line number Diff line
@@ -347,13 +347,6 @@ interface INetworkManagementService 


    void addLegacyRouteForNetId(int netId, in RouteInfo routeInfo, int uid);



    /**

     * Set permission for a network.

     * @param permission PERMISSION_NONE to clear permissions.

     *                   PERMISSION_NETWORK or PERMISSION_SYSTEM to set permission.

     */

    void setNetworkPermission(int netId, int permission);



    /**

     * Allow UID to call protect().

     */

services/core/java/com/android/server/ConnectivityService.java

+3 −3
Original line number Diff line number Diff line
@@ -6264,9 +6264,9 @@ public class ConnectivityService extends IConnectivityManager.Stub 
        final int newPermission = getNetworkPermission(newNc);

        if (oldPermission != newPermission && nai.created && !nai.isVPN()) {

            try {

                mNMS.setNetworkPermission(nai.network.netId, newPermission);

            } catch (RemoteException e) {

                loge("Exception in setNetworkPermission: " + e);

                mNetd.networkSetPermissionForNetwork(nai.network.netId, newPermission);

            } catch (RemoteException | ServiceSpecificException e) {

                loge("Exception in networkSetPermissionForNetwork: " + e);

            }

        }

    }

services/core/java/com/android/server/NetworkManagementService.java

+0 −11
Original line number Diff line number Diff line
@@ -2008,17 +2008,6 @@ public class NetworkManagementService extends INetworkManagementService.Stub { 
        }

    }



    @Override

    public void setNetworkPermission(int netId, int permission) {

        NetworkStack.checkNetworkStackPermission(mContext);



        try {

            mNetdService.networkSetPermissionForNetwork(netId, permission);

        } catch (RemoteException | ServiceSpecificException e) {

            throw new IllegalStateException(e);

        }

    }



    @Override

    public void allowProtect(int uid) {

        NetworkStack.checkNetworkStackPermission(mContext);