Clear the CallingIdentity before in the context of property check
Using packageManager from ConnectivityService context to get the caller
application info in binder calls can cause the permission issue. Calling
the Binder.clearCallingIdentity() before interact with packageManager
can fix the permission issue.
Test: atest CtsHostsideNetworkTests
Bug: 272165411
Change-Id: I0a289afc6fb0e42a92aa3ffa0c77ed396c4485c3
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index 5f51971..7cc4d97 100755
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -911,7 +911,7 @@
// This is the cache for the packageName -> ApplicationSelfCertifiedNetworkCapabilities. This
// value can be accessed from both handler thread and any random binder thread. Therefore,
- // accessing this value requires holding a lock.
+ // accessing this value requires holding a lock. The cache is the same across all the users.
@GuardedBy("mSelfCertifiedCapabilityCache")
private final Map<String, ApplicationSelfCertifiedNetworkCapabilities>
mSelfCertifiedCapabilityCache = new HashMap<>();
@@ -7001,6 +7001,7 @@
return;
}
ApplicationSelfCertifiedNetworkCapabilities applicationNetworkCapabilities;
+ final long ident = Binder.clearCallingIdentity();
try {
synchronized (mSelfCertifiedCapabilityCache) {
applicationNetworkCapabilities = mSelfCertifiedCapabilityCache.get(
@@ -7027,6 +7028,8 @@
+ " property");
} catch (XmlPullParserException | IOException | InvalidTagException e) {
throw new SecurityException(e.getMessage());
+ } finally {
+ Binder.restoreCallingIdentity(ident);
}
applicationNetworkCapabilities.enforceSelfCertifiedNetworkCapabilitiesDeclared(