authorRebecca Silberstein <silberst@google.com>2017-09-15 09:36:58 -0700
committerRohit Yengisetty <rngy@google.com>2018-04-17 17:21:15 -0700
commitae6b7091153f5c674b8fb8b71742ece3c6753423 (patch)
treea94a2a1854f485870138d479fb55ecdfe95c7675
parentf7ab4052ca8464adef8e20a9cd5a2b1692b5f759 (diff)
downloadwifi-nougat-mr1-security-release.tar.gz
Fix checks for tethering restrictions in setWifiApEnabled and setWifiApConfiguration. Additionally add check for primary user for all three checks (setWifiApEnabled, get/setWifiApConfiguration). Bug: 35765136 Test: manual test as below: 1. Download a popular free app, ES File Explorer (tested with version 4.1.7 and earlier) 2. Menu (top-left) > Network > Net Manager > Create a hotspot network 3. The operation should hang or fail 4. "adb logcat | grep WifiService" to verify change Change-Id: I2867f8f33861a802058c84149246dbd7f2b1441e (cherry picked from commit 38598d8d32d5fa9af2178e71916887c2d37678f5)
-rw-r--r--service/java/com/android/server/wifi/WifiServiceImpl.java41
1 files changed, 39 insertions, 2 deletions
diff --git a/service/java/com/android/server/wifi/WifiServiceImpl.java b/service/java/com/android/server/wifi/WifiServiceImpl.java
index 740ef6e54..3cad492f5 100644
--- a/service/java/com/android/server/wifi/WifiServiceImpl.java
+++ b/service/java/com/android/server/wifi/WifiServiceImpl.java
@@ -541,6 +541,16 @@ public class WifiServiceImpl extends IWifiManager.Stub {
"ConnectivityService");
}
+ private void enforceTetheringRestriction() {
+ // check if the user has the tethering restriction
+ UserManager um = UserManager.get(mContext);
+ UserHandle userHandle = Binder.getCallingUserHandle();
+ Slog.d(TAG, "setWifiApEnabled - calling userId: " + userHandle.getIdentifier());
+ if (um.hasUserRestriction(UserManager.DISALLOW_CONFIG_TETHERING, userHandle)) {
+ throw new SecurityException("DISALLOW_CONFIG_TETHERING is enabled for this user.");
+ }
+ }
+
/**
* see {@link android.net.wifi.WifiManager#setWifiEnabled(boolean)}
* @param enable {@code true} to enable, {@code false} to disable.
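Review bot: The debug line in `enforceTetheringRestriction()` hard-codes the prefix `setWifiApEnabled`, but the later hunks also call this helper from `getWifiApConfiguration()` and `setWifiApConfiguration()`, so logcat will attribute those calls to the wrong entry point. The commit's own test step greps the WifiService log, so a neutral prefix is more useful, e.g. `Slog.d(TAG, "enforceTetheringRestriction - calling userId: " + userHandle.getIdentifier());`. The helper also calls `UserManager.get(mContext)` where the removed check used the `mUserManager` field; reusing the field would keep the class consistent, assuming it is initialized before binder calls arrive.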
@@ -591,11 +601,21 @@ public class WifiServiceImpl extends IWifiManager.Stub {
* @param enabled true to enable and false to disable
*/
public void setWifiApEnabled(WifiConfiguration wifiConfig, boolean enabled) {
+ Slog.d(TAG, "setWifiApEnabled: " + enabled + " pid=" + Binder.getCallingPid()
+ + ", uid=" + Binder.getCallingUid());
enforceChangePermission();
ConnectivityManager.enforceTetherChangePermission(mContext);
- if (mUserManager.hasUserRestriction(UserManager.DISALLOW_CONFIG_TETHERING)) {
- throw new SecurityException("DISALLOW_CONFIG_TETHERING is enabled for this user.");
+
+ // check if the user has the tethering restriction
+ enforceTetheringRestriction();
+ Slog.d(TAG, "setWifiApEnabled - passed the config_tethering check");
+
+ // now check if this is the primary user
+ if (Binder.getCallingUserHandle().getIdentifier() != UserHandle.USER_OWNER) {
+ Slog.e(TAG, "Only the device owner can enable wifi tethering");
+ return;
}
+
// null wifiConfig is a meaningful input for CMD_SET_AP
if (wifiConfig == null || isValid(wifiConfig)) {
mWifiController.obtainMessage(CMD_SET_AP, enabled ? 1 : 0, 0, wifiConfig).sendToTarget();
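Review bot: The primary-user check in `setWifiApEnabled` logs and returns silently, while the tethering-restriction check just above it throws `SecurityException`, so a secondary-user caller cannot tell that the request was refused. The same three-line check is repeated in `getWifiApConfiguration()` and `setWifiApConfiguration()`; one private helper would keep the three sites from drifting apart. The log text says "device owner", which in Android names a device-policy role rather than the primary user that `UserHandle.USER_OWNER` tests for; `Slog.e(TAG, "Only the primary user can enable wifi tethering");` matches the check. If the silent return is a deliberate compatibility choice, a one-line comment saying so belongs next to the `return`. The method body continues past the end of the hunk.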
@@ -623,6 +643,13 @@ public class WifiServiceImpl extends IWifiManager.Stub {
*/
public WifiConfiguration getWifiApConfiguration() {
enforceAccessPermission();
+ enforceTetheringRestriction();
+ // now check if this is the primary user
+ if (Binder.getCallingUserHandle().getIdentifier() != UserHandle.USER_OWNER) {
+ Slog.e(TAG, "Only the device owner can retrieve the ap config");
+ return null;
+ }
+
return mWifiStateMachine.syncGetWifiApConfiguration();
}
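Review bot: `getWifiApConfiguration()` can now return `null` for a non-primary caller and throw `SecurityException` for a restricted one, and neither outcome is documented in the lines visible here. The Javadoc for the method starts outside the hunk, so this is inferred; if it has no such text, add `@return the soft AP configuration, or {@code null} if the caller is not the primary user` and a matching `@throws SecurityException` line. Existing callers that dereference the result without a null check would be worth auditing alongside this change.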
@@ -650,7 +677,17 @@ public class WifiServiceImpl extends IWifiManager.Stub {
* @param wifiConfig WifiConfiguration details for soft access point
*/
public void setWifiApConfiguration(WifiConfiguration wifiConfig) {
+ Slog.d(TAG, "setWifiApConfiguration: " + wifiConfig);
enforceChangePermission();
+
+ enforceTetheringRestriction();
+
+ // now check if this is the primary user
+ if (Binder.getCallingUserHandle().getIdentifier() != UserHandle.USER_OWNER) {
+ Slog.e(TAG, "Only the device owner can set the ap config");
+ return;
+ }
+
if (wifiConfig == null)
return;
if (isValid(wifiConfig)) {
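Review bot: The added `Slog.d(TAG, "setWifiApConfiguration: " + wifiConfig);` runs before `enforceChangePermission()` and writes the caller-supplied configuration to logcat, so every caller gets its object's string form logged, whether permitted or not. What `WifiConfiguration.toString()` emits is not visible in this diff, so it should be confirmed that the passphrase is redacted there. Moving the line below the permission and restriction checks and logging a narrower value, e.g. `Slog.d(TAG, "setWifiApConfiguration: SSID=" + (wifiConfig == null ? null : wifiConfig.SSID));`, would address both concerns. The method body continues past the end of the hunk.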