Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 85ce1ebd authored by markchien's avatar markchien
Browse files

Fix TetheringServiceTest test WRITE_SETTINGS permission failure 

AdoptShellPermissionIdentity can not pass permission check by
Settings#checkAndNoteWriteSettingsOperation. It would compare the caller
uid and its package name. See error below:
1. java.lang.SecurityException:
Specified package com.android.shell under uid 10239 but it is really 2000
2. java.lang.SecurityException:
uid 10245 does not have android.permission.UPDATE_APP_OPS_STATS.

Override the method and test if caller hold WRITE_SETTINGS directly.

Bug: 154869719
Test: TetheringTests, TetheringCoverageTests, NetworkStackNextTests,
NetworkStackCoverageTests

Change-Id: I2a60c4d66ef30028f9663159f85464ea815248e2
parent c3076ed3

packages/Tethering/src/com/android/networkstack/tethering/TetheringService.java

+4 −3
Original line number Original line Diff line number Diff line
@@ -264,10 +264,11 @@ public class TetheringService extends Service { 
            if (onlyAllowPrivileged || mTethering.isTetherProvisioningRequired()) return false;

            if (onlyAllowPrivileged || mTethering.isTetherProvisioningRequired()) return false;





            int uid = Binder.getCallingUid();

            int uid = Binder.getCallingUid();



            // If callerPkg's uid is not same as Binder.getCallingUid(),

            // If callerPkg's uid is not same as Binder.getCallingUid(),

            // checkAndNoteWriteSettingsOperation will return false and the operation will be

            // checkAndNoteWriteSettingsOperation will return false and the operation will be

            // denied.

            // denied.

            return TetheringService.checkAndNoteWriteSettingsOperation(mService, uid, callerPkg,

            return mService.checkAndNoteWriteSettingsOperation(mService, uid, callerPkg,

                    callingAttributionTag, false /* throwException */);

                    callingAttributionTag, false /* throwException */);

        }

        }
@@ -285,8 +286,8 @@ public class TetheringService extends Service { 
     *

     *

     * @return {@code true} iff the package is allowed to write settings.

     * @return {@code true} iff the package is allowed to write settings.

     */

     */

    // TODO: Remove method and replace with direct call once R code is pushed to AOSP

    @VisibleForTesting

    private static boolean checkAndNoteWriteSettingsOperation(@NonNull Context context, int uid,

    boolean checkAndNoteWriteSettingsOperation(@NonNull Context context, int uid,

            @NonNull String callingPackage, @Nullable String callingAttributionTag,

            @NonNull String callingPackage, @Nullable String callingAttributionTag,

            boolean throwException) {

            boolean throwException) {

        return Settings.checkAndNoteWriteSettingsOperation(context, uid, callingPackage,

        return Settings.checkAndNoteWriteSettingsOperation(context, uid, callingPackage,

packages/Tethering/tests/unit/src/com/android/networkstack/tethering/MockTetheringService.java

+16 −0
Original line number Original line Diff line number Diff line
@@ -15,13 +15,20 @@ 
 */

 */

package com.android.networkstack.tethering;

package com.android.networkstack.tethering;





import static android.Manifest.permission.WRITE_SETTINGS;

import static android.content.pm.PackageManager.PERMISSION_GRANTED;



import static org.mockito.Mockito.mock;

import static org.mockito.Mockito.mock;





import android.content.Context;

import android.content.Intent;

import android.content.Intent;

import android.net.ITetheringConnector;

import android.net.ITetheringConnector;

import android.os.Binder;

import android.os.Binder;

import android.os.IBinder;

import android.os.IBinder;





import androidx.annotation.NonNull;

import androidx.annotation.Nullable;



public class MockTetheringService extends TetheringService {

public class MockTetheringService extends TetheringService {

    private final Tethering mTethering = mock(Tethering.class);

    private final Tethering mTethering = mock(Tethering.class);
@@ -35,6 +42,15 @@ public class MockTetheringService extends TetheringService { 
        return mTethering;

        return mTethering;

    }

    }





    @Override

    boolean checkAndNoteWriteSettingsOperation(@NonNull Context context, int uid,

            @NonNull String callingPackage, @Nullable String callingAttributionTag,

            boolean throwException) {

        // Test this does not verify the calling package / UID, as calling package could be shell

        // and not match the UID.

        return context.checkCallingOrSelfPermission(WRITE_SETTINGS) == PERMISSION_GRANTED;

    }



    public Tethering getTethering() {

    public Tethering getTethering() {

        return mTethering;

        return mTethering;

    }

    }