Merge "Fixed permissions so Shell can call netpolicy methods." into nyc-dev

2016-02-20 02:24:12 +00:00
parent 9d3a4e1c31 6a05eee2bd
commit b055c1b51a
3 changed files with 28 additions and 31 deletions
--- a/packages/Shell/AndroidManifest.xml
+++ b/packages/Shell/AndroidManifest.xml
@@ -40,6 +40,7 @@
    <uses-permission android:name="android.permission.BLUETOOTH" />
    <uses-permission android:name="android.permission.EXPAND_STATUS_BAR" />
    <uses-permission android:name="android.permission.DISABLE_KEYGUARD" />
+    <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" />
    <!-- System tool permissions granted to the shell. -->
    <uses-permission android:name="android.permission.REAL_GET_TASKS" />
    <uses-permission android:name="android.permission.CHANGE_CONFIGURATION" />
@@ -109,6 +110,7 @@
    <uses-permission android:name="android.permission.GET_APP_OPS_STATS" />
    <uses-permission android:name="android.permission.VIBRATE" />
    <uses-permission android:name="android.permission.MANAGE_ACTIVITY_STACKS" />
+    <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" />

    <application android:label="@string/app_label"
                 android:forceDeviceEncrypted="true"
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -1742,13 +1742,18 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
    public void setNetworkPolicies(NetworkPolicy[] policies) {
        mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);

-        maybeRefreshTrustedTime();
-        synchronized (mRulesLock) {
-            normalizePoliciesLocked(policies);
-            updateNetworkEnabledLocked();
-            updateNetworkRulesLocked();
-            updateNotificationsLocked();
-            writePolicyLocked();
+        final long token = Binder.clearCallingIdentity();
+        try {
+            maybeRefreshTrustedTime();
+            synchronized (mRulesLock) {
+                normalizePoliciesLocked(policies);
+                updateNetworkEnabledLocked();
+                updateNetworkRulesLocked();
+                updateNotificationsLocked();
+                writePolicyLocked();
+            }
+        } finally {
+            Binder.restoreCallingIdentity(token);
        }
    }

@@ -1851,13 +1856,18 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
    @Override
    public void setRestrictBackground(boolean restrictBackground) {
        mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
+        final long token = Binder.clearCallingIdentity();
+        try {
+            maybeRefreshTrustedTime();
+            synchronized (mRulesLock) {
+                mRestrictBackground = restrictBackground;
+                updateRulesForGlobalChangeLocked(true);
+                updateNotificationsLocked();
+                writePolicyLocked();
+            }

-        maybeRefreshTrustedTime();
-        synchronized (mRulesLock) {
-            mRestrictBackground = restrictBackground;
-            updateRulesForGlobalChangeLocked(true);
-            updateNotificationsLocked();
-            writePolicyLocked();
+        } finally {
+            Binder.restoreCallingIdentity(token);
        }

        mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_CHANGED, restrictBackground ? 1 : 0, 0)
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
@@ -211,12 +211,7 @@ class NetworkPolicyManagerShellCommand extends ShellCommand {
        if (enabled < 0) {
            return enabled;
        }
-        final long token = Binder.clearCallingIdentity();
-        try {
-            mInterface.setRestrictBackground(enabled > 0);
-        } finally {
-            Binder.restoreCallingIdentity(token);
-        }
+        mInterface.setRestrictBackground(enabled > 0);
        return 0;
    }

@@ -225,12 +220,7 @@ class NetworkPolicyManagerShellCommand extends ShellCommand {
      if (uid < 0) {
          return uid;
      }
-      final long token = Binder.clearCallingIdentity();
-      try {
-          mInterface.addRestrictBackgroundWhitelistedUid(uid);
-      } finally {
-          Binder.restoreCallingIdentity(token);
-      }
+      mInterface.addRestrictBackgroundWhitelistedUid(uid);
      return 0;
    }

@@ -239,12 +229,7 @@ class NetworkPolicyManagerShellCommand extends ShellCommand {
        if (uid < 0) {
            return uid;
        }
-        final long token = Binder.clearCallingIdentity();
-        try {
-            mInterface.removeRestrictBackgroundWhitelistedUid(uid);
-        } finally {
-            Binder.restoreCallingIdentity(token);
-        }
+        mInterface.removeRestrictBackgroundWhitelistedUid(uid);
        return 0;
    }