WifiBackupRestore: Backup networks from apps holding CONFIG_OVERRIDE

We currently backup only networks created by system apps. Change that to instead backup only networks created by apps holding the |CONFIG_OVERRIDE| permission. This will let us backup networks from apps like SetupWizard which holds the |CONFIG_OVERRIDE| permission. Since such apps have the permission to modify any network in the device, it doesn't matter that the |creatorUid| info is lost during the restore process. PS: See the discussion in b/29201888 for why the creatorUid cannot be preserved across restore. Bug: 38041584 Test: Unit tests Test: 'bmgr backup com.android.provider.settings' Test: 'bmgr restore <sha> com.android.provider.settings' Change-Id: I550631d11f34942e408a6e4068bcb45ce22cb8e6
author: Roshan Pius <rpius@google.com> 2017-05-26 09:41:04 -0700
committer: Roshan Pius <rpius@google.com> 2017-06-08 16:32:21 +0000
commit: 9e83c3b65710cef6e04015565974750ee67200f1 (patch)
tree: e6e4e37885487a4d94dde88354db5c8e885c7b72 /service
parent: 04977155d75180c629a6c44b9db1fa9d2e250e76 (diff)
2 files changed, 13 insertions, 2 deletions
diff --git a/service/java/com/android/server/wifi/WifiBackupRestore.java b/service/java/com/android/server/wifi/WifiBackupRestore.java
index 4095d8283..60c3b488d 100644
--- a/service/java/com/android/server/wifi/WifiBackupRestore.java
+++ b/service/java/com/android/server/wifi/WifiBackupRestore.java
@@ -28,6 +28,7 @@ import android.util.Xml;
 import com.android.internal.util.FastXmlSerializer;
 import com.android.server.net.IpConfigStore;
 import com.android.server.wifi.util.NativeUtil;
+import com.android.server.wifi.util.WifiPermissionsUtil;
 import com.android.server.wifi.util.XmlUtil;
 import com.android.server.wifi.util.XmlUtil.IpConfigurationXmlUtil;
 import com.android.server.wifi.util.XmlUtil.WifiConfigurationXmlUtil;
@@ -96,6 +97,7 @@ public class WifiBackupRestore {
     private static final String WEP_KEYS_MASK_SEARCH_PATTERN = "(<.*=)(.*)(/>)";
     private static final String WEP_KEYS_MASK_REPLACE_PATTERN = "$1*$3";
 
+    private final WifiPermissionsUtil mWifiPermissionsUtil;
     /**
      * Verbose logging flag.
      */
@@ -109,6 +111,10 @@ public class WifiBackupRestore {
     private byte[] mDebugLastBackupDataRestored;
     private byte[] mDebugLastSupplicantBackupDataRestored;
 
+    public WifiBackupRestore(WifiPermissionsUtil wifiPermissionsUtil) {
+        mWifiPermissionsUtil = wifiPermissionsUtil;
+    }
+
     /**
      * Retrieve an XML byte stream representing the data that needs to be backed up from the
      * provided configurations.
@@ -163,7 +169,9 @@ public class WifiBackupRestore {
             if (configuration.isEnterprise() || configuration.isPasspoint()) {
                 continue;
             }
-            if (configuration.creatorUid >= Process.FIRST_APPLICATION_UID) {
+            if (!mWifiPermissionsUtil.checkConfigOverridePermission(configuration.creatorUid)) {
+                Log.d(TAG, "Ignoring network from an app with no config override permission: "
+                        + configuration.configKey());
                 continue;
             }
             // Write this configuration data now.
@@ -702,6 +710,8 @@ public class WifiBackupRestore {
                                 Integer.parseInt(extras.get(
                                         SupplicantStaNetworkHal.ID_STRING_KEY_CREATOR_UID));
                         if (creatorUid >= Process.FIRST_APPLICATION_UID) {
+                            Log.d(TAG, "Ignoring network from non-system app: "
+                                    + configuration.configKey());
                             return null;
                         }
                     }
diff --git a/service/java/com/android/server/wifi/WifiInjector.java b/service/java/com/android/server/wifi/WifiInjector.java
index 90e400cc1..c51778578 100644
--- a/service/java/com/android/server/wifi/WifiInjector.java
+++ b/service/java/com/android/server/wifi/WifiInjector.java
@@ -96,7 +96,7 @@ public class WifiInjector {
     private final PropertyService mPropertyService = new SystemPropertyService();
     private final BuildProperties mBuildProperties = new SystemBuildProperties();
     private final KeyStore mKeyStore = KeyStore.getInstance();
-    private final WifiBackupRestore mWifiBackupRestore = new WifiBackupRestore();
+    private final WifiBackupRestore mWifiBackupRestore;
     private final WifiMulticastLockManager mWifiMulticastLockManager;
     private final WifiConfigStore mWifiConfigStore;
     private final WifiKeyStore mWifiKeyStore;
@@ -150,6 +150,7 @@ public class WifiInjector {
                 mWifiNetworkScoreCache, NetworkScoreManager.CACHE_FILTER_NONE);
         mWifiPermissionsUtil = new WifiPermissionsUtil(mWifiPermissionsWrapper, mContext,
                 mSettingsStore, UserManager.get(mContext), mNetworkScoreManager, this);
+        mWifiBackupRestore = new WifiBackupRestore(mWifiPermissionsUtil);
         mBatteryStats = IBatteryStats.Stub.asInterface(mFrameworkFacade.getService(
                 BatteryStats.SERVICE_NAME));
         mWifiStateTracker = new WifiStateTracker(mBatteryStats);
author	Roshan Pius <rpius@google.com>	2017-05-26 09:41:04 -0700
committer	Roshan Pius <rpius@google.com>	2017-06-08 16:32:21 +0000
commit	9e83c3b65710cef6e04015565974750ee67200f1 (patch)
tree	e6e4e37885487a4d94dde88354db5c8e885c7b72 /service
parent	04977155d75180c629a6c44b9db1fa9d2e250e76 (diff)