Give apps with NETWORK_SETTINGS right to see any VPN.
...not only the ones that apply to them.
Bug: 73217368
Test: runtest frameworks-net and CTS
Change-Id: I436972a3e51e98bdd815771b451bcedadf684763
diff --git a/core/java/android/net/NetworkCapabilities.java b/core/java/android/net/NetworkCapabilities.java
index d8e1741..b899cbf 100644
--- a/core/java/android/net/NetworkCapabilities.java
+++ b/core/java/android/net/NetworkCapabilities.java
@@ -890,7 +890,16 @@
/**
* List of UIDs this network applies to. No restriction if null.
* <p>
- * This is typically (and at this time, only) used by VPN. This network is only available to
+ * For networks, mUids represent the list of network this applies to, and null means this
+ * network applies to all UIDs.
+ * For requests, mUids is the list of UIDs this network MUST apply to to match ; ALL UIDs
+ * must be included in a network so that they match. As an exception to the general rule,
+ * a null mUids field for requests mean "no requirements" rather than what the general rule
+ * would suggest ("must apply to all UIDs") : this is because this has shown to be what users
+ * of this API expect in practice. A network that must match all UIDs can still be
+ * expressed with a set ranging the entire set of possible UIDs.
+ * <p>
+ * mUids is typically (and at this time, only) used by VPN. This network is only available to
* the UIDs in this list, and it is their default network. Apps in this list that wish to
* bypass the VPN can do so iff the VPN app allows them to or if they are privileged. If this
* member is null, then the network is not restricted by app UID. If it's an empty list, then
@@ -1012,8 +1021,7 @@
* @hide
*/
public boolean satisfiedByUids(NetworkCapabilities nc) {
- if (null == nc.mUids) return true; // The network satisfies everything.
- if (null == mUids) return false; // Not everything allowed but requires everything
+ if (null == nc.mUids || null == mUids) return true; // The network satisfies everything.
for (UidRange requiredRange : mUids) {
if (requiredRange.contains(nc.mEstablishingVpnAppUid)) return true;
if (!nc.appliesToUidRange(requiredRange)) {
diff --git a/core/java/android/net/NetworkRequest.java b/core/java/android/net/NetworkRequest.java
index 97ded2d..f1dfbd1 100644
--- a/core/java/android/net/NetworkRequest.java
+++ b/core/java/android/net/NetworkRequest.java
@@ -19,6 +19,7 @@
import android.annotation.NonNull;
import android.os.Parcel;
import android.os.Parcelable;
+import android.os.Process;
import android.text.TextUtils;
import java.util.Objects;
@@ -131,12 +132,18 @@
* needed in terms of {@link NetworkCapabilities} features
*/
public static class Builder {
- private final NetworkCapabilities mNetworkCapabilities = new NetworkCapabilities();
+ private final NetworkCapabilities mNetworkCapabilities;
/**
* Default constructor for Builder.
*/
- public Builder() {}
+ public Builder() {
+ // By default, restrict this request to networks available to this app.
+ // Apps can rescind this restriction, but ConnectivityService will enforce
+ // it for apps that do not have the NETWORK_SETTINGS permission.
+ mNetworkCapabilities = new NetworkCapabilities();
+ mNetworkCapabilities.setSingleUid(Process.myUid());
+ }
/**
* Build {@link NetworkRequest} give the current set of capabilities.