Make ThreadNetworkController.setTestNetworkAsUpstream require NETWORK_SETTINGS permission
This CL contains following enhancements:
- Enforce NETWORK_SETTINGS permission for ThreadNetworkController.setTestNetworkAsUpstream.
- Move the setTestNetworkAsUpstream in
ThreadNetworkControllerService to make the order of methods more
logical.
- Update the test case name in BorderRoutingTest.
Bug: 295843010
Bug: 320842152
Change-Id: I82edac6c819dd637f4c98f31368a1b520338ce24
diff --git a/thread/framework/java/android/net/thread/ThreadNetworkController.java b/thread/framework/java/android/net/thread/ThreadNetworkController.java
index b5699a9..7242ed7 100644
--- a/thread/framework/java/android/net/thread/ThreadNetworkController.java
+++ b/thread/framework/java/android/net/thread/ThreadNetworkController.java
@@ -510,7 +510,8 @@
* @hide
*/
@VisibleForTesting
- @RequiresPermission("android.permission.THREAD_NETWORK_PRIVILEGED")
+ @RequiresPermission(
+ allOf = {"android.permission.THREAD_NETWORK_PRIVILEGED", permission.NETWORK_SETTINGS})
public void setTestNetworkAsUpstream(
@Nullable String testNetworkInterfaceName,
@NonNull @CallbackExecutor Executor executor,
diff --git a/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java b/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java
index cd59e4e..1c51c42 100644
--- a/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java
+++ b/thread/service/java/com/android/server/thread/ThreadNetworkControllerService.java
@@ -14,6 +14,7 @@
package com.android.server.thread;
+import static android.Manifest.permission.NETWORK_SETTINGS;
import static android.net.MulticastRoutingConfig.CONFIG_FORWARD_NONE;
import static android.net.MulticastRoutingConfig.FORWARD_NONE;
import static android.net.MulticastRoutingConfig.FORWARD_SELECTED;
@@ -253,38 +254,6 @@
.build();
}
- @Override
- public void setTestNetworkAsUpstream(
- @Nullable String testNetworkInterfaceName, @NonNull IOperationReceiver receiver) {
- enforceAllPermissionsGranted(PERMISSION_THREAD_NETWORK_PRIVILEGED);
-
- Log.i(TAG, "setTestNetworkAsUpstream: " + testNetworkInterfaceName);
- mHandler.post(() -> setTestNetworkAsUpstreamInternal(testNetworkInterfaceName, receiver));
- }
-
- private void setTestNetworkAsUpstreamInternal(
- @Nullable String testNetworkInterfaceName, @NonNull IOperationReceiver receiver) {
- checkOnHandlerThread();
-
- TestNetworkSpecifier testNetworkSpecifier = null;
- if (testNetworkInterfaceName != null) {
- testNetworkSpecifier = new TestNetworkSpecifier(testNetworkInterfaceName);
- }
-
- if (!Objects.equals(mUpstreamTestNetworkSpecifier, testNetworkSpecifier)) {
- cancelRequestUpstreamNetwork();
- mUpstreamTestNetworkSpecifier = testNetworkSpecifier;
- mUpstreamNetworkRequest = newUpstreamNetworkRequest();
- requestUpstreamNetwork();
- sendLocalNetworkConfig();
- }
- try {
- receiver.onSuccess();
- } catch (RemoteException ignored) {
- // do nothing if the client is dead
- }
- }
-
private void initializeOtDaemon() {
try {
getOtDaemon();
@@ -786,6 +755,38 @@
}
}
+ @Override
+ public void setTestNetworkAsUpstream(
+ @Nullable String testNetworkInterfaceName, @NonNull IOperationReceiver receiver) {
+ enforceAllPermissionsGranted(PERMISSION_THREAD_NETWORK_PRIVILEGED, NETWORK_SETTINGS);
+
+ Log.i(TAG, "setTestNetworkAsUpstream: " + testNetworkInterfaceName);
+ mHandler.post(() -> setTestNetworkAsUpstreamInternal(testNetworkInterfaceName, receiver));
+ }
+
+ private void setTestNetworkAsUpstreamInternal(
+ @Nullable String testNetworkInterfaceName, @NonNull IOperationReceiver receiver) {
+ checkOnHandlerThread();
+
+ TestNetworkSpecifier testNetworkSpecifier = null;
+ if (testNetworkInterfaceName != null) {
+ testNetworkSpecifier = new TestNetworkSpecifier(testNetworkInterfaceName);
+ }
+
+ if (!Objects.equals(mUpstreamTestNetworkSpecifier, testNetworkSpecifier)) {
+ cancelRequestUpstreamNetwork();
+ mUpstreamTestNetworkSpecifier = testNetworkSpecifier;
+ mUpstreamNetworkRequest = newUpstreamNetworkRequest();
+ requestUpstreamNetwork();
+ sendLocalNetworkConfig();
+ }
+ try {
+ receiver.onSuccess();
+ } catch (RemoteException ignored) {
+ // do nothing if the client is dead
+ }
+ }
+
private void enableBorderRouting(String infraIfName) {
if (mBorderRouterConfig.isBorderRoutingEnabled
&& infraIfName.equals(mBorderRouterConfig.infraInterfaceName)) {
diff --git a/thread/tests/integration/AndroidManifest.xml b/thread/tests/integration/AndroidManifest.xml
index a347654..a049184 100644
--- a/thread/tests/integration/AndroidManifest.xml
+++ b/thread/tests/integration/AndroidManifest.xml
@@ -23,6 +23,7 @@
obtain CHANGE_NETWORK_STATE for testing once R device is no longer supported. -->
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE"/>
<uses-permission android:name="android.permission.THREAD_NETWORK_PRIVILEGED"/>
+ <uses-permission android:name="android.permission.NETWORK_SETTINGS"/>
<uses-permission android:name="android.permission.INTERNET"/>
<application android:debuggable="true">
diff --git a/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java b/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java
index ba7e4b8..25f5bd3 100644
--- a/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java
+++ b/thread/tests/integration/src/android/net/thread/BorderRoutingTest.java
@@ -17,6 +17,7 @@
package android.net.thread;
import static android.Manifest.permission.MANAGE_TEST_NETWORKS;
+import static android.Manifest.permission.NETWORK_SETTINGS;
import static android.net.thread.IntegrationTestUtils.isExpectedIcmpv6Packet;
import static android.net.thread.IntegrationTestUtils.isSimulatedThreadRadioSupported;
import static android.net.thread.IntegrationTestUtils.newPacketReader;
@@ -101,6 +102,7 @@
mContext, new LinkProperties(), 5000 /* timeoutMs */));
runAsShell(
PERMISSION_THREAD_NETWORK_PRIVILEGED,
+ NETWORK_SETTINGS,
() -> {
CountDownLatch latch = new CountDownLatch(1);
mThreadNetworkController.setTestNetworkAsUpstream(
@@ -117,6 +119,7 @@
public void tearDown() throws Exception {
runAsShell(
PERMISSION_THREAD_NETWORK_PRIVILEGED,
+ NETWORK_SETTINGS,
() -> {
CountDownLatch latch = new CountDownLatch(2);
mThreadNetworkController.setTestNetworkAsUpstream(
@@ -132,7 +135,7 @@
}
@Test
- public void infraDevicePingTheadDeviceOmr_Succeeds() throws Exception {
+ public void unicastRouting_infraDevicePingTheadDeviceOmr_replyReceived() throws Exception {
assumeTrue(isSimulatedThreadRadioSupported());
/*