Merge "Make sure that only the owner can call [stop|start]VpnProfile()" into sc-dev am: 8d26ea92b4 (7b4a9a88) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/VpnManagerService.java

+28 −2

Original line number	Diff line number	Diff line
		@@ -26,6 +26,8 @@ import android.content.BroadcastReceiver;
		import android.content.Context;
		import android.content.Intent;
		import android.content.IntentFilter;
		import android.content.pm.PackageManager;
		import android.content.pm.PackageManager.NameNotFoundException;
		import android.net.ConnectivityManager;
		import android.net.INetd;
		import android.net.IVpnManager;
		@@ -312,6 +314,26 @@ public class VpnManagerService extends IVpnManager.Stub {
		}
		}

		// TODO : Move to a static lib to factorize with Vpn.java
		private int getAppUid(final String app, final int userId) {
		final PackageManager pm = mContext.getPackageManager();
		final long token = Binder.clearCallingIdentity();
		try {
		return pm.getPackageUidAsUser(app, userId);
		} catch (NameNotFoundException e) {
		return -1;
		} finally {
		Binder.restoreCallingIdentity(token);
		}
		}

		private void verifyCallingUidAndPackage(String packageName, int callingUid) {
		final int userId = UserHandle.getUserId(callingUid);
		if (getAppUid(packageName, userId) != callingUid) {
		throw new SecurityException(packageName + " does not belong to uid " + callingUid);
		}
		}

		/**
		* Starts the VPN based on the stored profile for the given package
		*
		@@ -323,7 +345,9 @@ public class VpnManagerService extends IVpnManager.Stub {
		*/
		@Override
		public void startVpnProfile(@NonNull String packageName) {
		final int user = UserHandle.getUserId(mDeps.getCallingUid());
		final int callingUid = Binder.getCallingUid();
		verifyCallingUidAndPackage(packageName, callingUid);
		final int user = UserHandle.getUserId(callingUid);
		synchronized (mVpns) {
		throwIfLockdownEnabled();
		mVpns.get(user).startVpnProfile(packageName);
		@@ -340,7 +364,9 @@ public class VpnManagerService extends IVpnManager.Stub {
		*/
		@Override
		public void stopVpnProfile(@NonNull String packageName) {
		final int user = UserHandle.getUserId(mDeps.getCallingUid());
		final int callingUid = Binder.getCallingUid();
		verifyCallingUidAndPackage(packageName, callingUid);
		final int user = UserHandle.getUserId(callingUid);
		synchronized (mVpns) {
		mVpns.get(user).stopVpnProfile(packageName);
		}