Soft-enables new MAC address restrictions.
Updates getifaddrs() to behave as if RTM_GETLINK requests are not
allowed for non-system apps. This is different from previous behavior,
where apps targeting an API level < 30 were exempted from this
restriction.
Actual enforcement happens in SELinux. This change:
- Soft-enables the behavior until SELinux changes are in place
- Prevents logspam from SELinux denials after they are in place
Bug: 170188668
Test: atest bionic-unit-tests-static
Test: atest NetworkInterfaceTest
Test: Connect to Wi-Fi network
Test: Call getifaddrs() directly from within an app.
Test: Call NetworkInterface#getNetworkInterfaces() from within an app.
Change-Id: I95d124ae81bcb26583db5ad01d95d441d52f973c
diff --git a/libc/bionic/ifaddrs.cpp b/libc/bionic/ifaddrs.cpp
index 1536333..0c80f4e 100644
--- a/libc/bionic/ifaddrs.cpp
+++ b/libc/bionic/ifaddrs.cpp
@@ -306,12 +306,9 @@
// Open the netlink socket and ask for all the links and addresses.
NetlinkConnection nc;
- // SELinux policy only allows RTM_GETLINK messages to be sent by:
- // - System apps
- // - Apps with a target SDK version lower than R
+ // SELinux policy only allows RTM_GETLINK messages to be sent by system apps.
bool getlink_success = false;
- if (getuid() < FIRST_APPLICATION_UID ||
- android_get_application_target_sdk_version() < __ANDROID_API_R__) {
+ if (getuid() < FIRST_APPLICATION_UID) {
getlink_success = nc.SendRequest(RTM_GETLINK) && nc.ReadResponses(__getifaddrs_callback, out);
}
bool getaddr_success =