Google Git
Sign in
android / platform / packages / modules / Connectivity / 6bf8f0fbd^! / .
commit6bf8f0fbd93d65c07d3237765dd7a5e13f6da96a[log] [tgz]
authorRemi NGUYEN VAN <reminv@google.com>Mon Feb 04 10:25:11 2019 +0900
committerRemi NGUYEN VAN <reminv@google.com>Mon Feb 04 10:25:11 2019 +0900
treec762c10d063aad9b3c89677a66f50f2a8bff23ff
parentaf8e41c4345d32c2965f8fc134e82b484c92815d [diff]
Call clearCallingIdentity before notifyDnsResponse

The NetworkStack only expects calls from UID 1000 (system_server) or the
Bluetooth app. onDnsEvent is triggered by Netd which has UID 0.

One alternative would be to allow UID 0 to call the NetworkStack
directly, but being more restrictive on callers sounds like a better
option.

Test: Flashed, booted, atest FrameworksNetTests
Change-Id: Id7fb30f1e25ec70fbfbc90f3c7fc95ba18c274e6

diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index 08e4903..89587b1 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java

@@ -1716,16 +1716,17 @@
             // the caller thread of registerNetworkAgent. Thus, it's not allowed to register netd
             // event callback for certain nai. e.g. cellular. Register here to pass to
             // NetworkMonitor instead.
-            // TODO: Move the Dns Event to NetworkMonitor. Use Binder.clearCallingIdentity() in
-            // registerNetworkAgent to have NetworkMonitor created with system process as design
-            // expectation. Also, NetdEventListenerService only allow one callback from each
-            // caller type. Need to re-factor NetdEventListenerService to allow multiple
-            // NetworkMonitor registrants.
+            // TODO: Move the Dns Event to NetworkMonitor. NetdEventListenerService only allow one
+            // callback from each caller type. Need to re-factor NetdEventListenerService to allow
+            // multiple NetworkMonitor registrants.
             if (nai != null && nai.satisfies(mDefaultRequest)) {
+                final long token = Binder.clearCallingIdentity();
                 try {
                     nai.networkMonitor().notifyDnsResponse(returnCode);
                 } catch (RemoteException e) {
                     e.rethrowFromSystemServer();
+                } finally {
+                    Binder.restoreCallingIdentity(token);
                 }
             }
         }