Merge "Check NetworkStack UID and perms before binding" am: c96b852f46
am: 89b04a01c2

Change-Id: Ia63a128d2a9d8315d26a3e593b51450ca0fd0c91
diff --git a/core/java/android/net/NetworkStack.java b/core/java/android/net/NetworkStack.java
index 7a4c9bc..ca49438 100644
--- a/core/java/android/net/NetworkStack.java
+++ b/core/java/android/net/NetworkStack.java
@@ -15,6 +15,7 @@
  */
 package android.net;
 
+import static android.content.pm.PackageManager.PERMISSION_GRANTED;
 import static android.os.IServiceManager.DUMP_FLAG_PRIORITY_HIGH;
 import static android.os.IServiceManager.DUMP_FLAG_PRIORITY_NORMAL;
 
@@ -27,6 +28,7 @@
 import android.content.Context;
 import android.content.Intent;
 import android.content.ServiceConnection;
+import android.content.pm.PackageManager;
 import android.net.dhcp.DhcpServingParamsParcel;
 import android.net.dhcp.IDhcpServerCallbacks;
 import android.net.ip.IIpClientCallbacks;
@@ -201,7 +203,33 @@
         final ComponentName comp = intent.resolveSystemService(context.getPackageManager(), 0);
         intent.setComponent(comp);
 
-        if (comp == null || !context.bindServiceAsUser(intent, new NetworkStackConnection(),
+        if (comp == null) {
+            Slog.wtf(TAG, "Could not resolve the network stack with " + intent);
+            // TODO: crash/reboot system server ?
+            return;
+        }
+
+        final PackageManager pm = context.getPackageManager();
+        int uid = -1;
+        try {
+            uid = pm.getPackageUid(comp.getPackageName(), UserHandle.USER_SYSTEM);
+        } catch (PackageManager.NameNotFoundException e) {
+            Slog.wtf("Network stack package not found", e);
+            // Fall through
+        }
+
+        if (uid != Process.NETWORK_STACK_UID) {
+            throw new SecurityException("Invalid network stack UID: " + uid);
+        }
+
+        final int hasPermission =
+                pm.checkPermission(PERMISSION_MAINLINE_NETWORK_STACK, comp.getPackageName());
+        if (hasPermission != PERMISSION_GRANTED) {
+            throw new SecurityException(
+                    "Network stack does not have permission " + PERMISSION_MAINLINE_NETWORK_STACK);
+        }
+
+        if (!context.bindServiceAsUser(intent, new NetworkStackConnection(),
                 Context.BIND_AUTO_CREATE | Context.BIND_IMPORTANT, UserHandle.SYSTEM)) {
             Slog.wtf(TAG,
                     "Could not bind to network stack in-process, or in app with " + intent);
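Review bot: In the `NameNotFoundException` handler, `Slog.wtf("Network stack package not found", e)` passes the message in the tag position, so the failure is logged under the wrong tag and with no message; `Slog.wtf(TAG, "Network stack package not found", e);` would match the other calls in this hunk. The second argument of `getPackageUid(String, int)` is, as far as I recall, a flags value rather than a user id, so passing `UserHandle.USER_SYSTEM` only behaves as intended because that constant is 0; `pm.getPackageUidAsUser(comp.getPackageName(), UserHandle.USER_SYSTEM)` would state the intent. The new checks throw `SecurityException` while the unresolved-component path logs and returns, so a one-line comment such as `// Refuse to bind unless the resolved package runs as NETWORK_STACK_UID and holds the mainline permission.` would record why a mismatch is fatal. The enclosing method starts and ends outside the hunk.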