Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e9fec511 authored by Yeabkal Wubshit's avatar Yeabkal Wubshit
Browse files

Do null-checks before accessing VpnManager in DevicePolicyManagerService 

Wear devices do not start the VpnManagerService, which would make
VpnManager unavailable. Thus, we now need to check if the VpnManager is
available before trying to use it.

Bug: 352669332
Bug: 340928692
Test: manual
Flag: android.server.allow_removing_vpn_service
Change-Id: I0e6ce00a6e5a87f983720656e5f11369d76ecfc1
parent b8504259

services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java

+24 −6
Original line number Diff line number Diff line
@@ -1378,7 +1378,10 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub { 














        // Clear always-on configuration if it wasn't set by the admin.















        if (adminConfiguredVpnPkg == null) {













            mInjector.getVpnManager().setAlwaysOnVpnPackageForUser(userId, null, false, null);













            VpnManager vpnManager = mInjector.getVpnManager();













            if (vpnManager != null) {













                vpnManager.setAlwaysOnVpnPackageForUser(userId, null, false, null);













            }















        }





























        // Clear app authorizations to establish VPNs. When DISALLOW_CONFIG_VPN is enforced apps










@@ -1789,6 +1792,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













            return mContext.getSystemService(ConnectivityManager.class);















        }



























        @Nullable















        VpnManager getVpnManager() {















            return mContext.getSystemService(VpnManager.class);















        }










@@ -7697,7 +7701,9 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













                }















            }















            // If some package is uninstalled after the check above, it will be ignored by CM.













            if (!mInjector.getVpnManager().setAlwaysOnVpnPackageForUser(













            VpnManager vpnManager = mInjector.getVpnManager();













            if (vpnManager == null













                    || !mInjector.getVpnManager().setAlwaysOnVpnPackageForUser(















                            userId, vpnPackage, lockdown, lockdownAllowlist)) {















                throw new UnsupportedOperationException();















            }










@@ -7746,8 +7752,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













        Preconditions.checkCallAuthorization(















                isDefaultDeviceOwner(caller) || isProfileOwner(caller));



























        VpnManager vpnManager = mInjector.getVpnManager();













        if (vpnManager == null) {













            return null;













        }















        return mInjector.binderWithCleanCallingIdentity(













                () -> mInjector.getVpnManager().getAlwaysOnVpnPackageForUser(caller.getUserId()));













                () -> vpnManager.getAlwaysOnVpnPackageForUser(caller.getUserId()));















    }





























    @Override









@@ -7774,8 +7784,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













                    isDefaultDeviceOwner(caller) || isProfileOwner(caller));















        }



























        VpnManager vpnManager = mInjector.getVpnManager();













        if (vpnManager == null) {













            return false;













        }















        return mInjector.binderWithCleanCallingIdentity(













                () -> mInjector.getVpnManager().isVpnLockdownEnabled(caller.getUserId()));













                () -> vpnManager.isVpnLockdownEnabled(caller.getUserId()));















    }





























    @Override









@@ -7797,8 +7811,12 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {













        Preconditions.checkCallAuthorization(















                isDefaultDeviceOwner(caller) || isProfileOwner(caller));



























        VpnManager vpnManager = mInjector.getVpnManager();













        if (vpnManager == null) {













            return null;













        }















        return mInjector.binderWithCleanCallingIdentity(













                () -> mInjector.getVpnManager().getVpnLockdownAllowlist(caller.getUserId()));













                () -> vpnManager.getVpnLockdownAllowlist(caller.getUserId()));















    }





























    private void forceWipeDeviceNoLock(boolean wipeExtRequested, String reason, boolean wipeEuicc,