Fixed permissions so Shell can call netpolicy methods.
BUG: 27127112
Change-Id: I5548aba70a1c25be139462fbabe9a854fa96d2a6
diff --git a/packages/Shell/AndroidManifest.xml b/packages/Shell/AndroidManifest.xml
index 7416fb5..5b865f9 100644
--- a/packages/Shell/AndroidManifest.xml
+++ b/packages/Shell/AndroidManifest.xml
@@ -40,6 +40,7 @@
<uses-permission android:name="android.permission.BLUETOOTH" />
<uses-permission android:name="android.permission.EXPAND_STATUS_BAR" />
<uses-permission android:name="android.permission.DISABLE_KEYGUARD" />
+ <uses-permission android:name="android.permission.MANAGE_NETWORK_POLICY" />
<!-- System tool permissions granted to the shell. -->
<uses-permission android:name="android.permission.REAL_GET_TASKS" />
<uses-permission android:name="android.permission.CHANGE_CONFIGURATION" />
@@ -109,6 +110,7 @@
<uses-permission android:name="android.permission.GET_APP_OPS_STATS" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.MANAGE_ACTIVITY_STACKS" />
+ <uses-permission android:name="android.permission.CONNECTIVITY_INTERNAL" />
<application android:label="@string/app_label"
android:forceDeviceEncrypted="true"
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
index bc5b561..3421433 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -1742,13 +1742,18 @@
public void setNetworkPolicies(NetworkPolicy[] policies) {
mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
- maybeRefreshTrustedTime();
- synchronized (mRulesLock) {
- normalizePoliciesLocked(policies);
- updateNetworkEnabledLocked();
- updateNetworkRulesLocked();
- updateNotificationsLocked();
- writePolicyLocked();
+ final long token = Binder.clearCallingIdentity();
+ try {
+ maybeRefreshTrustedTime();
+ synchronized (mRulesLock) {
+ normalizePoliciesLocked(policies);
+ updateNetworkEnabledLocked();
+ updateNetworkRulesLocked();
+ updateNotificationsLocked();
+ writePolicyLocked();
+ }
+ } finally {
+ Binder.restoreCallingIdentity(token);
}
}
@@ -1851,13 +1856,18 @@
@Override
public void setRestrictBackground(boolean restrictBackground) {
mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);
+ final long token = Binder.clearCallingIdentity();
+ try {
+ maybeRefreshTrustedTime();
+ synchronized (mRulesLock) {
+ mRestrictBackground = restrictBackground;
+ updateRulesForGlobalChangeLocked(true);
+ updateNotificationsLocked();
+ writePolicyLocked();
+ }
- maybeRefreshTrustedTime();
- synchronized (mRulesLock) {
- mRestrictBackground = restrictBackground;
- updateRulesForGlobalChangeLocked(true);
- updateNotificationsLocked();
- writePolicyLocked();
+ } finally {
+ Binder.restoreCallingIdentity(token);
}
mHandler.obtainMessage(MSG_RESTRICT_BACKGROUND_CHANGED, restrictBackground ? 1 : 0, 0)
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java b/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
index 5cd1025..a5dc008 100644
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerShellCommand.java
@@ -211,12 +211,7 @@
if (enabled < 0) {
return enabled;
}
- final long token = Binder.clearCallingIdentity();
- try {
- mInterface.setRestrictBackground(enabled > 0);
- } finally {
- Binder.restoreCallingIdentity(token);
- }
+ mInterface.setRestrictBackground(enabled > 0);
return 0;
}
@@ -225,12 +220,7 @@
if (uid < 0) {
return uid;
}
- final long token = Binder.clearCallingIdentity();
- try {
- mInterface.addRestrictBackgroundWhitelistedUid(uid);
- } finally {
- Binder.restoreCallingIdentity(token);
- }
+ mInterface.addRestrictBackgroundWhitelistedUid(uid);
return 0;
}
@@ -239,12 +229,7 @@
if (uid < 0) {
return uid;
}
- final long token = Binder.clearCallingIdentity();
- try {
- mInterface.removeRestrictBackgroundWhitelistedUid(uid);
- } finally {
- Binder.restoreCallingIdentity(token);
- }
+ mInterface.removeRestrictBackgroundWhitelistedUid(uid);
return 0;
}