Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / frameworks / base / edb47668f072ba82ca389a1b78b1a2024ac31663^! / .
commitedb47668f072ba82ca389a1b78b1a2024ac31663[log] [tgz]
authorRobert Greenwalt <rgreenwalt@google.com>Tue Sep 16 17:54:19 2014 -0700
committerRobert Greenwalt <rgreenwalt@google.com>Wed Sep 17 16:18:12 2014 -0700
tree46d5ee40cb548c0a1412b9a1a7a04ff367b4fb9f
parent328c630ab61605f9a16378334220778fed3a26c3 [diff]
Use unified Tethering Permission Check

The BT and Wifi mechanisms for enabling Tethering did their own
permission checks.  This set of changes unifies the check into
a ConnectivityManager function so they can be kept in sync.

bug:17435527
Change-Id: I8c157a5acf56ffbddd349cb6a45160ae7be8541b

diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java
index 7c69a7d..e3cbef5 100644
--- a/core/java/android/net/ConnectivityManager.java
+++ b/core/java/android/net/ConnectivityManager.java

@@ -1402,6 +1402,20 @@
         return (ConnectivityManager) context.getSystemService(Context.CONNECTIVITY_SERVICE);
     }
 
+    /** {@hide */
+    public static final void enforceTetherChangePermission(Context context) {
+        if (context.getResources().getStringArray(
+                com.android.internal.R.array.config_mobile_hotspot_provision_app).length == 2) {
+            // Have a provisioning app - must only let system apps (which check this app)
+            // turn on tethering
+            context.enforceCallingOrSelfPermission(
+                    android.Manifest.permission.CONNECTIVITY_INTERNAL, "ConnectivityService");
+        } else {
+            context.enforceCallingOrSelfPermission(
+                    android.Manifest.permission.CHANGE_NETWORK_STATE, "ConnectivityService");
+        }
+    }
+
     /**
      * Get the set of tetherable, available interfaces.  This list is limited by
      * device configuration and current interface existence.

diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index 55d8c09..971e212 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java

@@ -1357,13 +1357,6 @@
                 "ConnectivityService");
     }
 
-    // TODO Make this a special check when it goes public
-    private void enforceTetherChangePermission() {
-        mContext.enforceCallingOrSelfPermission(
-                android.Manifest.permission.CHANGE_NETWORK_STATE,
-                "ConnectivityService");
-    }
-
     private void enforceTetherAccessPermission() {
         mContext.enforceCallingOrSelfPermission(
                 android.Manifest.permission.ACCESS_NETWORK_STATE,
@@ -2375,8 +2368,7 @@
 
     // javadoc from interface
     public int tether(String iface) {
-        enforceTetherChangePermission();
-
+        ConnectivityManager.enforceTetherChangePermission(mContext);
         if (isTetheringSupported()) {
             return mTethering.tether(iface);
         } else {
@@ -2386,7 +2378,7 @@
 
     // javadoc from interface
     public int untether(String iface) {
-        enforceTetherChangePermission();
+        ConnectivityManager.enforceTetherChangePermission(mContext);
 
         if (isTetheringSupported()) {
             return mTethering.untether(iface);
@@ -2435,7 +2427,7 @@
     }
 
     public int setUsbTethering(boolean enable) {
-        enforceTetherChangePermission();
+        ConnectivityManager.enforceTetherChangePermission(mContext);
         if (isTetheringSupported()) {
             return mTethering.setUsbTethering(enable);
         } else {