diff options
author | Hai Shalom <haishalom@google.com> | 2019-06-06 16:21:51 -0700 |
---|---|---|
committer | Hai Shalom <haishalom@google.com> | 2019-06-07 14:09:31 -0700 |
commit | 751d92efd542fae18c5c4a0e5597edd24ecb684b (patch) | |
tree | edd49e4f4e841723c8955eea7d16d6bd2b29c83f /service/java/com/android | |
parent | af9b7b297e43fe6fe347a6143d76bde2cb2363c6 (diff) | |
download | android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.tar.gz android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.tar.bz2 android_frameworks_opt_net_wifi-751d92efd542fae18c5c4a0e5597edd24ecb684b.zip |
Use correct method for checking NETWORK_SETUP_WIZARD permission
New Passpoint and DPP APIs were not using the correct methods for
checking NETWORK_SETUP_WIZARD and NETWORK_SETTINGS permissions.
Updated the code to use the correct method.
Bug: 134618695
Test: act.py -c ../WifiDppConfig.json -tc WifiDppTest
Test: atest PasspointConfigSharedStoreDataTest PasspointNetworkEvaluatorTest PasspointProvisionerTest PasspointNetworkScoreTest PasspointXmlUtilsTest PasspointEventHandlerTest PasspointProviderTest PasspointManagerTest PasspointConfigUserStoreDataTest
Test: Connect to Passpoint OSU network
Test: atest DppManagerTest
Test: atest WifiServiceImplTest
Change-Id: I54d0ac31150c478fea7ec0a4ede36bd40240d662
Diffstat (limited to 'service/java/com/android')
-rw-r--r-- | service/java/com/android/server/wifi/WifiServiceImpl.java | 47 |
1 files changed, 15 insertions, 32 deletions
diff --git a/service/java/com/android/server/wifi/WifiServiceImpl.java b/service/java/com/android/server/wifi/WifiServiceImpl.java index ef57382bf..6bb36b3b9 100644 --- a/service/java/com/android/server/wifi/WifiServiceImpl.java +++ b/service/java/com/android/server/wifi/WifiServiceImpl.java @@ -747,6 +747,13 @@ public class WifiServiceImpl extends BaseWifiService { || checkNetworkManagedProvisioningPermission(pid, uid); } + // Helper method to check if the entity initiating the binder call has setup wizard or settings + // permissions. + private boolean isSettingsOrSuw(int pid, int uid) { + return checkNetworkSettingsPermission(pid, uid) + || checkNetworkSetupWizardPermission(pid, uid); + } + // Helper method to check if the entity initiating the binder call is a system app. private boolean isSystem(String packageName) { long ident = Binder.clearCallingIdentity(); @@ -1909,10 +1916,7 @@ public class WifiServiceImpl extends BaseWifiService { @Override public Map<String, Map<Integer, List<ScanResult>>> getAllMatchingFqdnsForScanResults( List<ScanResult> scanResults) { - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } if (mVerboseLoggingEnabled) { @@ -1934,10 +1938,7 @@ public class WifiServiceImpl extends BaseWifiService { @Override public Map<OsuProvider, List<ScanResult>> getMatchingOsuProviders( List<ScanResult> scanResults) { - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } if (mVerboseLoggingEnabled) { @@ -1958,10 +1959,7 @@ public class WifiServiceImpl extends BaseWifiService { @Override public Map<OsuProvider, PasspointConfiguration> getMatchingPasspointConfigsForOsuProviders( List<OsuProvider> osuProviders) { - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } if (mVerboseLoggingEnabled) { @@ -1990,10 +1988,7 @@ public class WifiServiceImpl extends BaseWifiService { */ @Override public List<WifiConfiguration> getWifiConfigsForPasspointProfiles(List<String> fqdnList) { - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } if (mVerboseLoggingEnabled) { @@ -3123,10 +3118,7 @@ public class WifiServiceImpl extends BaseWifiService { if (callback == null) { throw new IllegalArgumentException("Callback must not be null"); } - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } if (!mContext.getPackageManager().hasSystemFeature( @@ -3419,10 +3411,7 @@ public class WifiServiceImpl extends BaseWifiService { final int uid = getMockableCallingUid(); - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } @@ -3456,10 +3445,7 @@ public class WifiServiceImpl extends BaseWifiService { final int uid = getMockableCallingUid(); - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } @@ -3473,10 +3459,7 @@ public class WifiServiceImpl extends BaseWifiService { */ @Override public void stopDppSession() throws android.os.RemoteException { - if ((mContext.checkCallingOrSelfPermission(android.Manifest.permission.NETWORK_SETTINGS) - != PERMISSION_GRANTED) - && (mContext.checkSelfPermission(android.Manifest.permission.NETWORK_SETUP_WIZARD) - != PERMISSION_GRANTED)) { + if (!isSettingsOrSuw(Binder.getCallingPid(), Binder.getCallingUid())) { throw new SecurityException(TAG + ": Permission denied"); } final int uid = getMockableCallingUid(); |