Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit f915e04d authored by Rubin Xu's avatar Rubin Xu
Browse files

[DO NOT MERGE] Add permission check to setAllowOnlyVpnForUids 

Bug: 63000005
Test: runtest frameworks-net -c com.android.server.connectivity.VpnTest
Test: cts-tradefed run cts-dev -m CtsDevicePolicyManagerTestCases -t com.android.cts.devicepolicy.MixedDeviceOwnerTest#testAlwaysOnVpnLockDown
Merged-In: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
Change-Id: Ia1a82ee73d8617f3124032986fe6c09c14bf7752
parent ad8bae1b

services/core/java/com/android/server/NetworkManagementService.java

+3 −0
Original line number Diff line number Diff line
@@ -18,6 +18,7 @@ package com.android.server; 


import static android.Manifest.permission.CONNECTIVITY_INTERNAL;

import static android.Manifest.permission.DUMP;

import static android.Manifest.permission.NETWORK_STACK;

import static android.Manifest.permission.SHUTDOWN;

import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_DOZABLE;

import static android.net.NetworkPolicyManager.FIREWALL_CHAIN_NAME_DOZABLE;
@@ -1709,6 +1710,8 @@ public class NetworkManagementService extends INetworkManagementService.Stub 
    @Override

    public void setAllowOnlyVpnForUids(boolean add, UidRange[] uidRanges)

            throws ServiceSpecificException {

        mContext.enforceCallingOrSelfPermission(NETWORK_STACK, TAG);



        try {

            mNetdService.networkRejectNonSecureVpn(add, uidRanges);

        } catch (ServiceSpecificException e) {