diff options
| author | 2020-06-17 15:26:22 +0000 | |
|---|---|---|
| committer | 2020-06-17 15:26:22 +0000 | |
| commit | b85fc66146dee0c345b56d06994987a56d99c163 (patch) | |
| tree | 93ff6c5ac03b52bc9f8932fd665a65b802a0e6dd | |
| parent | 218e017d9398a050c8e03d48270c161383a55b76 (diff) | |
| parent | 26d2378f5b3f1b2da5b897696988f3093df6ff57 (diff) | |
Merge "Set correct owner UID for VPN agentConnect()" into rvc-dev
3 files changed, 30 insertions, 6 deletions
diff --git a/core/java/android/net/NetworkCapabilities.java b/core/java/android/net/NetworkCapabilities.java index a3fd60e9d3b0..004f84422b44 100644 --- a/core/java/android/net/NetworkCapabilities.java +++ b/core/java/android/net/NetworkCapabilities.java @@ -900,9 +900,17 @@ public final class NetworkCapabilities implements Parcelable { * <p>For NetworkCapability instances being sent from ConnectivityService, this value MUST be * reset to Process.INVALID_UID unless all the following conditions are met: * + * <p>The caller is the network owner, AND one of the following sets of requirements is met: + * + * <ol> + * <li>The described Network is a VPN + * </ol> + * + * <p>OR: + * * <ol> - * <li>The destination app is the network owner - * <li>The destination app has the ACCESS_FINE_LOCATION permission granted + * <li>The calling app is the network owner + * <li>The calling app has the ACCESS_FINE_LOCATION permission granted * <li>The user's location toggle is on * </ol> * @@ -928,7 +936,16 @@ public final class NetworkCapabilities implements Parcelable { /** * Retrieves the UID of the app that owns this network. * - * <p>For user privacy reasons, this field will only be populated if: + * <p>For user privacy reasons, this field will only be populated if the following conditions + * are met: + * + * <p>The caller is the network owner, AND one of the following sets of requirements is met: + * + * <ol> + * <li>The described Network is a VPN + * </ol> + * + * <p>OR: * * <ol> * <li>The calling app is the network owner @@ -936,8 +953,8 @@ public final class NetworkCapabilities implements Parcelable { * <li>The user's location toggle is on * </ol> * - * Instances of NetworkCapabilities sent to apps without the appropriate permissions will - * have this field cleared out. + * Instances of NetworkCapabilities sent to apps without the appropriate permissions will have + * this field cleared out. */ public int getOwnerUid() { return mOwnerUid; diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java index 2958fd2ae63a..36ba610085e1 100644 --- a/services/core/java/com/android/server/ConnectivityService.java +++ b/services/core/java/com/android/server/ConnectivityService.java @@ -1698,6 +1698,12 @@ public class ConnectivityService extends IConnectivityManager.Stub return newNc; } + // Allow VPNs to see ownership of their own VPN networks - not location sensitive. + if (nc.hasTransport(TRANSPORT_VPN)) { + // Owner UIDs already checked above. No need to re-check. + return newNc; + } + Binder.withCleanCallingIdentity( () -> { if (!mLocationPermissionChecker.checkLocationPermission( diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java index e654af706fca..1f85d1046523 100644 --- a/services/core/java/com/android/server/connectivity/Vpn.java +++ b/services/core/java/com/android/server/connectivity/Vpn.java @@ -1106,7 +1106,8 @@ public class Vpn { NetworkAgentConfig networkAgentConfig = new NetworkAgentConfig(); networkAgentConfig.allowBypass = mConfig.allowBypass && !mLockdown; - mNetworkCapabilities.setOwnerUid(Binder.getCallingUid()); + mNetworkCapabilities.setOwnerUid(mOwnerUID); + mNetworkCapabilities.setAdministratorUids(new int[] {mOwnerUID}); mNetworkCapabilities.setUids(createUserAndRestrictedProfilesRanges(mUserHandle, mConfig.allowedApplications, mConfig.disallowedApplications)); long token = Binder.clearCallingIdentity(); |