Restrict access to background networks to CHANGE_NETWORK_STATE.
When a network goes into the background, tell netd to set the
network's permission to NETWORK. Also, close all TCP sockets on
that network, to prevent long-lived TCP connections from staying
on it and possibly continuing to use metered data.
Bug: 23113288
Change-Id: Ie89c1940b6739160e25c6e9022b8b977afb3e16e
diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java
index b9e9b28..0afb546 100644
--- a/core/java/android/net/ConnectivityManager.java
+++ b/core/java/android/net/ConnectivityManager.java
@@ -1825,6 +1825,16 @@
return (ConnectivityManager) context.getSystemService(Context.CONNECTIVITY_SERVICE);
}
+ /* TODO: These permissions checks don't belong in client-side code. Move them to
+ * services.jar, possibly in com.android.server.net. */
+
+ /** {@hide} */
+ public static final boolean checkChangePermission(Context context) {
+ int uid = Binder.getCallingUid();
+ return Settings.checkAndNoteChangeNetworkStateOperation(context, uid, Settings
+ .getPackageNameForUid(context, uid), false /* throwException */);
+ }
+
/** {@hide} */
public static final void enforceChangePermission(Context context) {
int uid = Binder.getCallingUid();