Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5a3b4326 authored by Stanley Tng's avatar Stanley Tng
Browse files

Clear caller identity while checking Tether Change permission 

When changing the Bluetooth tether settings, the call comes from the
system UID but the app op package name of the Bluetooth app is used
and this causes a mismatch between UID and package. This commit
temporarily clear the caller identity while doing the Tether Change
permission check.

Bug: b/37746850
Test: Manual through the Settings app on device
Change-Id: I4835f940dea28f183fbddcc467723a9e03e759fd
parent 32956449

android/app/src/com/android/bluetooth/pan/PanService.java

+12 −2
Original line number Diff line number Diff line
@@ -29,6 +29,7 @@ import android.net.LinkAddress; 
import android.net.NetworkUtils;

import android.os.Handler;

import android.os.IBinder;

import android.os.Binder;

import android.os.INetworkManagementService;

import android.os.Message;

import android.os.ServiceManager;
@@ -324,10 +325,19 @@ public class PanService extends ProfileService { 


    void setBluetoothTethering(boolean value) {

        if(DBG) Log.d(TAG, "setBluetoothTethering: " + value +", mTetherOn: " + mTetherOn);

        enforceCallingOrSelfPermission(BLUETOOTH_ADMIN_PERM, "Need BLUETOOTH_ADMIN permission");

        final Context context = getBaseContext();

        String pkgName = context.getOpPackageName();



        // Clear caller identity temporarily so enforceTetherChangePermission UID checks work

        // correctly

        final long identityToken = Binder.clearCallingIdentity();

        try {

            ConnectivityManager.enforceTetherChangePermission(context, pkgName);

        enforceCallingOrSelfPermission(BLUETOOTH_ADMIN_PERM, "Need BLUETOOTH_ADMIN permission");

        } finally {

            Binder.restoreCallingIdentity(identityToken);

        }



        UserManager um = (UserManager) getSystemService(Context.USER_SERVICE);

        if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_TETHERING)) {

            throw new SecurityException("DISALLOW_CONFIG_TETHERING is enabled for this user.");