Add CONNECTIVITY_USE_RESTRICTED_NETWORKS permission to DownloadProvider
- DownloadManager will use the requestor app's default network to
open a connection. When the VPN app lists the DownloadProvider as
a disallowed application, this will fail with EPERM.
- This is because in R, the DownloadProvider lost its privileges
due to the removal of the CONNECTIVITY_INTERNAL permission. It's
removed without considering the corner case where the
DownloadProvider is excluded from using the VPN. It's the only
case where this makes a difference.
- Adding CONNECTIVITY_USE_RESTRICTED_NETWORKS will give
DownloadProvider the ability to use the VPN again in this case,
fixing the issue.
Bug: 165774987
Test: Build, flash rom and boot to home. Manully test that
DownloadProvider can download file via VPN.
Change-Id: If8fa785568ace1f15f53daec67c06e1207d5dc9c
diff --git a/data/etc/privapp-permissions-platform.xml b/data/etc/privapp-permissions-platform.xml
index e08e42a..5f34a5e 100644
--- a/data/etc/privapp-permissions-platform.xml
+++ b/data/etc/privapp-permissions-platform.xml
@@ -224,6 +224,7 @@
<permission name="android.permission.MANAGE_EXTERNAL_STORAGE"/>
<permission name="android.permission.UPDATE_APP_OPS_STATS"/>
<permission name="android.permission.UPDATE_DEVICE_STATS"/>
+ <permission name="android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS"/>
</privapp-permissions>
<privapp-permissions package="com.android.providers.media.module">
