Merge "Enforce VPN control "permission" with an actual permission." into lmp-mr1-dev

2014-11-17 21:02:08 +00:00
parent 94d963381d bc19c181c8
commit e0cb56b02e
5 changed files with 19 additions and 25 deletions
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -2406,6 +2406,15 @@
        android:description="@string/permdesc_controlWifiDisplay"
        android:protectionLevel="signature" />

+    <!-- @SystemApi Allows an application to control VPN.
+         <p>Not for use by third-party applications.</p>
+         @hide -->
+    <permission android:name="android.permission.CONTROL_VPN"
+        android:label="@string/permlab_controlVpn"
+        android:description="@string/permdesc_controlVpn"
+        android:protectionLevel="signature|system" />
+    <uses-permission android:name="android.permission.CONTROL_VPN" />
+
    <!-- @SystemApi Allows an application to capture audio output.
         <p>Not for use by third-party applications.</p> -->
    <permission android:name="android.permission.CAPTURE_AUDIO_OUTPUT"
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -1651,6 +1651,11 @@
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permdesc_controlWifiDisplay">Allows the app to control low-level features of Wifi displays.</string>

+    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+    <string name="permlab_controlVpn">control Virtual Private Networks</string>
+    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
+    <string name="permdesc_controlVpn">Allows the app to control low-level features of Virtual Private Networks.</string>
+
    <!-- Title of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
    <string name="permlab_captureAudioOutput">capture audio output</string>
    <!-- Description of an application permission, listed so the user can choose whether they want to allow the application to do this. -->
--- a/packages/SystemUI/AndroidManifest.xml
+++ b/packages/SystemUI/AndroidManifest.xml
@@ -55,6 +55,7 @@
    <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" />
    <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" />
    <uses-permission android:name="android.permission.READ_NETWORK_USAGE_HISTORY" />
+    <uses-permission android:name="android.permission.CONTROL_VPN" />

    <!-- Physical hardware -->
    <uses-permission android:name="android.permission.MANAGE_USB" />
--- a/packages/VpnDialogs/AndroidManifest.xml
+++ b/packages/VpnDialogs/AndroidManifest.xml
@@ -19,6 +19,8 @@
 <manifest xmlns:android="http://schemas.android.com/apk/res/android"
        package="com.android.vpndialogs">

+    <uses-permission android:name="android.permission.CONTROL_VPN" />
+
    <application android:label="VpnDialogs"
            android:allowBackup="false" >
        <activity android:name=".ConfirmDialog"
--- a/services/core/java/com/android/server/connectivity/Vpn.java
+++ b/services/core/java/com/android/server/connectivity/Vpn.java
@@ -23,6 +23,7 @@ import static android.net.RouteInfo.RTN_UNREACHABLE;
 import static android.system.OsConstants.AF_INET;
 import static android.system.OsConstants.AF_INET6;

+import android.Manifest;
 import android.app.AppGlobals;
 import android.app.AppOpsManager;
 import android.app.PendingIntent;
@@ -739,31 +740,7 @@ public class Vpn {
    };

    private void enforceControlPermission() {
-        // System user is allowed to control VPN.
-        if (Binder.getCallingUid() == Process.SYSTEM_UID) {
-            return;
-        }
-        int appId = UserHandle.getAppId(Binder.getCallingUid());
-        final long token = Binder.clearCallingIdentity();
-        try {
-            // System VPN dialogs are also allowed to control VPN.
-            PackageManager pm = mContext.getPackageManager();
-            ApplicationInfo app = pm.getApplicationInfo(VpnConfig.DIALOGS_PACKAGE, 0);
-            if (((app.flags & ApplicationInfo.FLAG_SYSTEM) != 0) && (appId == app.uid)) {
-                return;
-            }
-            // SystemUI dialogs are also allowed to control VPN.
-            ApplicationInfo sysUiApp = pm.getApplicationInfo("com.android.systemui", 0);
-            if (((sysUiApp.flags & ApplicationInfo.FLAG_SYSTEM) != 0) && (appId == sysUiApp.uid)) {
-                return;
-            }
-        } catch (Exception e) {
-            // ignore
-        } finally {
-            Binder.restoreCallingIdentity(token);
-        }
-
-        throw new SecurityException("Unauthorized Caller");
+        mContext.enforceCallingPermission(Manifest.permission.CONTROL_VPN, "Unauthorized Caller");
    }

    private class Connection implements ServiceConnection {