Restrict the permission for accessing vpn profile (a4919a56) · Commits · e / os / android_frameworks_base

services/core/java/com/android/server/VpnManagerService.java

+9 −0

Original line number	Diff line number	Diff line
		@@ -19,6 +19,7 @@ package com.android.server;
		import static android.Manifest.permission.NETWORK_STACK;

		import static com.android.net.module.util.PermissionUtils.enforceAnyPermissionOf;
		import static com.android.net.module.util.PermissionUtils.enforceNetworkStackPermission;

		import android.annotation.NonNull;
		import android.annotation.Nullable;
		@@ -1020,6 +1021,8 @@ public class VpnManagerService extends IVpnManager.Stub {
		@Override
		@Nullable
		public byte[] getFromVpnProfileStore(@NonNull String name) {
		// TODO(b/307903113): Replace NETWORK_STACK permission and adopt proper permission
		enforceNetworkStackPermission(mContext);
		return mVpnProfileStore.get(name);
		}

		@@ -1037,6 +1040,8 @@ public class VpnManagerService extends IVpnManager.Stub {
		*/
		@Override
		public boolean putIntoVpnProfileStore(@NonNull String name, @NonNull byte[] blob) {
		// TODO(b/307903113): Replace NETWORK_STACK permission and adopt proper permission
		enforceNetworkStackPermission(mContext);
		return mVpnProfileStore.put(name, blob);
		}

		@@ -1052,6 +1057,8 @@ public class VpnManagerService extends IVpnManager.Stub {
		*/
		@Override
		public boolean removeFromVpnProfileStore(@NonNull String name) {
		// TODO(b/307903113): Replace NETWORK_STACK permission and adopt proper permission
		enforceNetworkStackPermission(mContext);
		return mVpnProfileStore.remove(name);
		}

		@@ -1069,6 +1076,8 @@ public class VpnManagerService extends IVpnManager.Stub {
		@Override
		@NonNull
		public String[] listFromVpnProfileStore(@NonNull String prefix) {
		// TODO(b/307903113): Replace NETWORK_STACK permission and adopt proper permission
		enforceNetworkStackPermission(mContext);
		return mVpnProfileStore.list(prefix);
		}