Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 48c034d4 authored by Chalard Jean's avatar Chalard Jean Committed by Mark Chien
Browse files

Correctly check permission and app identity for tethering 

Have the caller pass its package name. Appops will check
that the UID belongs indeed to the package name, and that
the UID has the requisite permissions.

Also add WRITE_SETTINGS to the bluetooth process.

Bug: 134649258
Test: atest PanServiceTest
Change-Id: I6cf29c36cf6e7229abb5be4a108efb9b9600217d
Merged-In: I6cf29c36cf6e7229abb5be4a108efb9b9600217d
(cherry picked from commit f0ae367fa83ee3b2880971af7f1325e568f56677)
parent 20365942

android/app/src/com/android/bluetooth/pan/PanService.java

+6 −14
Original line number Diff line number Diff line
@@ -27,7 +27,6 @@ import android.net.ConnectivityManager; 
import android.net.InterfaceConfiguration;

import android.net.LinkAddress;

import android.net.NetworkUtils;

import android.os.Binder;

import android.os.Handler;

import android.os.IBinder;

import android.os.INetworkManagementService;
@@ -287,13 +286,14 @@ public class PanService extends ProfileService { 
        }



        @Override

        public void setBluetoothTethering(boolean value) {

        public void setBluetoothTethering(boolean value, String pkgName) {

            PanService service = getService();

            if (service == null) {

                return;

            }

            Log.d(TAG, "setBluetoothTethering: " + value + ", mTetherOn: " + service.mTetherOn);

            service.setBluetoothTethering(value);

            Log.d(TAG, "setBluetoothTethering: " + value + ", pkgName: " + pkgName

                    + ", mTetherOn: " + service.mTetherOn);

            service.setBluetoothTethering(value, pkgName);

        }



        @Override
@@ -362,22 +362,14 @@ public class PanService extends ProfileService { 
        return mTetherOn;

    }



    void setBluetoothTethering(boolean value) {

    void setBluetoothTethering(boolean value, final String pkgName) {

        if (DBG) {

            Log.d(TAG, "setBluetoothTethering: " + value + ", mTetherOn: " + mTetherOn);

        }

        enforceCallingOrSelfPermission(BLUETOOTH_ADMIN_PERM, "Need BLUETOOTH_ADMIN permission");

        final Context context = getBaseContext();

        String pkgName = context.getOpPackageName();



        // Clear caller identity temporarily so enforceTetherChangePermission UID checks work

        // correctly

        final long identityToken = Binder.clearCallingIdentity();

        try {

        ConnectivityManager.enforceTetherChangePermission(context, pkgName);

        } finally {

            Binder.restoreCallingIdentity(identityToken);

        }



        UserManager um = (UserManager) getSystemService(Context.USER_SERVICE);

        if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_TETHERING) && value) {