Rename redactNetworkCapabilitiesForPackage and update its javadoc
The API won't modify the passed NetworkCapabilities and
LinkProperties, but redactNetworkCapabilitiesForPackage and
redactLinkPropertiesForPackage sound like they will. To reduce
the confusion, rename the API with prefix "getRedacted".
Also modify the javadoc to describe more about what the API will
do if the given UID doesn't have location permission.
Bug: 220367512
Test: atest CtsNetTestCases
Change-Id: I964f1062da1ae96df9b369b911486da1379b8a19
diff --git a/framework/api/module-lib-current.txt b/framework/api/module-lib-current.txt
index 713d35a..879267f 100644
--- a/framework/api/module-lib-current.txt
+++ b/framework/api/module-lib-current.txt
@@ -10,8 +10,8 @@
method @NonNull @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public java.util.List<android.net.NetworkStateSnapshot> getAllNetworkStateSnapshots();
method @Nullable public android.net.ProxyInfo getGlobalProxy();
method @NonNull public static android.util.Range<java.lang.Integer> getIpSecNetIdRange();
- method @Nullable @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public android.net.LinkProperties redactLinkPropertiesForPackage(@NonNull android.net.LinkProperties, int, @NonNull String);
- method @Nullable @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public android.net.NetworkCapabilities redactNetworkCapabilitiesForPackage(@NonNull android.net.NetworkCapabilities, int, @NonNull String);
+ method @Nullable @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public android.net.LinkProperties getRedactedLinkPropertiesForPackage(@NonNull android.net.LinkProperties, int, @NonNull String);
+ method @Nullable @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public android.net.NetworkCapabilities getRedactedNetworkCapabilitiesForPackage(@NonNull android.net.NetworkCapabilities, int, @NonNull String);
method @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public void registerDefaultNetworkCallbackForUid(int, @NonNull android.net.ConnectivityManager.NetworkCallback, @NonNull android.os.Handler);
method @RequiresPermission(anyOf={android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK, android.Manifest.permission.NETWORK_SETTINGS}) public void registerSystemDefaultNetworkCallback(@NonNull android.net.ConnectivityManager.NetworkCallback, @NonNull android.os.Handler);
method @RequiresPermission(anyOf={android.Manifest.permission.NETWORK_SETTINGS, android.Manifest.permission.NETWORK_STACK, android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK}) public void replaceFirewallChain(int, @NonNull int[]);
diff --git a/framework/src/android/net/ConnectivityManager.java b/framework/src/android/net/ConnectivityManager.java
index e8e1efa..a150f40 100644
--- a/framework/src/android/net/ConnectivityManager.java
+++ b/framework/src/android/net/ConnectivityManager.java
@@ -1643,10 +1643,10 @@
android.Manifest.permission.NETWORK_SETTINGS})
@SystemApi(client = MODULE_LIBRARIES)
@Nullable
- public LinkProperties redactLinkPropertiesForPackage(@NonNull LinkProperties lp, int uid,
+ public LinkProperties getRedactedLinkPropertiesForPackage(@NonNull LinkProperties lp, int uid,
@NonNull String packageName) {
try {
- return mService.redactLinkPropertiesForPackage(
+ return mService.getRedactedLinkPropertiesForPackage(
lp, uid, packageName, getAttributionTag());
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
@@ -1683,9 +1683,11 @@
* Redact {@link NetworkCapabilities} for a given package.
*
* Returns an instance of {@link NetworkCapabilities} that is appropriately redacted to send
- * to the given package, considering its permissions. Calling this method will blame the UID for
- * retrieving the device location if the passed capabilities contain location-sensitive
- * information.
+ * to the given package, considering its permissions. If the passed capabilities contain
+ * location-sensitive information, they will be redacted to the correct degree for the location
+ * permissions of the app (COARSE or FINE), and will blame the UID accordingly for retrieving
+ * that level of location. If the UID holds no location permission, the returned object will
+ * contain no location-sensitive information and the UID is not blamed.
*
* @param nc A {@link NetworkCapabilities} instance which will be redacted.
* @param uid The target uid.
@@ -1700,11 +1702,11 @@
android.Manifest.permission.NETWORK_SETTINGS})
@SystemApi(client = MODULE_LIBRARIES)
@Nullable
- public NetworkCapabilities redactNetworkCapabilitiesForPackage(
+ public NetworkCapabilities getRedactedNetworkCapabilitiesForPackage(
@NonNull NetworkCapabilities nc,
int uid, @NonNull String packageName) {
try {
- return mService.redactNetworkCapabilitiesForPackage(nc, uid, packageName,
+ return mService.getRedactedNetworkCapabilitiesForPackage(nc, uid, packageName,
getAttributionTag());
} catch (RemoteException e) {
throw e.rethrowFromSystemServer();
diff --git a/framework/src/android/net/IConnectivityManager.aidl b/framework/src/android/net/IConnectivityManager.aidl
index 23a3850..cd79d8a 100644
--- a/framework/src/android/net/IConnectivityManager.aidl
+++ b/framework/src/android/net/IConnectivityManager.aidl
@@ -76,13 +76,13 @@
LinkProperties getActiveLinkProperties();
LinkProperties getLinkPropertiesForType(int networkType);
LinkProperties getLinkProperties(in Network network);
- LinkProperties redactLinkPropertiesForPackage(in LinkProperties lp, int uid, String packageName,
- String callingAttributionTag);
+ LinkProperties getRedactedLinkPropertiesForPackage(in LinkProperties lp, int uid,
+ String packageName, String callingAttributionTag);
NetworkCapabilities getNetworkCapabilities(in Network network, String callingPackageName,
String callingAttributionTag);
- NetworkCapabilities redactNetworkCapabilitiesForPackage(in NetworkCapabilities nc, int uid,
+ NetworkCapabilities getRedactedNetworkCapabilitiesForPackage(in NetworkCapabilities nc, int uid,
String callingPackageName, String callingAttributionTag);
@UnsupportedAppUsage(maxTargetSdk = 30, trackingBug = 170729553)
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index c90fcd5..3ca3f2e 100644
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -2172,7 +2172,7 @@
@Override
@Nullable
- public LinkProperties redactLinkPropertiesForPackage(@NonNull LinkProperties lp, int uid,
+ public LinkProperties getRedactedLinkPropertiesForPackage(@NonNull LinkProperties lp, int uid,
@NonNull String packageName, @Nullable String callingAttributionTag) {
Objects.requireNonNull(packageName);
Objects.requireNonNull(lp);
@@ -2207,8 +2207,9 @@
}
@Override
- public NetworkCapabilities redactNetworkCapabilitiesForPackage(@NonNull NetworkCapabilities nc,
- int uid, @NonNull String packageName, @Nullable String callingAttributionTag) {
+ public NetworkCapabilities getRedactedNetworkCapabilitiesForPackage(
+ @NonNull NetworkCapabilities nc, int uid, @NonNull String packageName,
+ @Nullable String callingAttributionTag) {
Objects.requireNonNull(nc);
Objects.requireNonNull(packageName);
enforceNetworkStackOrSettingsPermission();
diff --git a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
index 5e8bffa..d40bc9f 100644
--- a/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
+++ b/tests/cts/net/src/android/net/cts/ConnectivityManagerTest.java
@@ -591,7 +591,7 @@
@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
@Test
- public void testRedactLinkPropertiesForPackage() throws Exception {
+ public void testGetRedactedLinkPropertiesForPackage() throws Exception {
final String groundedPkg = findPackageByPermissions(
List.of(), /* requiredPermissions */
List.of(ACCESS_NETWORK_STATE) /* forbiddenPermissions */);
@@ -628,54 +628,55 @@
// No matter what the given uid is, a SecurityException will be thrown if the caller
// doesn't hold the NETWORK_SETTINGS permission.
assertThrows(SecurityException.class,
- () -> mCm.redactLinkPropertiesForPackage(lp, groundedUid, groundedPkg));
+ () -> mCm.getRedactedLinkPropertiesForPackage(lp, groundedUid, groundedPkg));
assertThrows(SecurityException.class,
- () -> mCm.redactLinkPropertiesForPackage(lp, normalUid, normalPkg));
+ () -> mCm.getRedactedLinkPropertiesForPackage(lp, normalUid, normalPkg));
assertThrows(SecurityException.class,
- () -> mCm.redactLinkPropertiesForPackage(lp, privilegedUid, privilegedPkg));
+ () -> mCm.getRedactedLinkPropertiesForPackage(lp, privilegedUid, privilegedPkg));
runAsShell(NETWORK_SETTINGS, () -> {
// No matter what the given uid is, if the given LinkProperties is null, then
// NullPointerException will be thrown.
assertThrows(NullPointerException.class,
- () -> mCm.redactLinkPropertiesForPackage(null, groundedUid, groundedPkg));
+ () -> mCm.getRedactedLinkPropertiesForPackage(null, groundedUid, groundedPkg));
assertThrows(NullPointerException.class,
- () -> mCm.redactLinkPropertiesForPackage(null, normalUid, normalPkg));
+ () -> mCm.getRedactedLinkPropertiesForPackage(null, normalUid, normalPkg));
assertThrows(NullPointerException.class,
- () -> mCm.redactLinkPropertiesForPackage(null, privilegedUid, privilegedPkg));
+ () -> mCm.getRedactedLinkPropertiesForPackage(
+ null, privilegedUid, privilegedPkg));
// Make sure null is returned for a UID without ACCESS_NETWORK_STATE.
- assertNull(mCm.redactLinkPropertiesForPackage(lp, groundedUid, groundedPkg));
+ assertNull(mCm.getRedactedLinkPropertiesForPackage(lp, groundedUid, groundedPkg));
// CaptivePortalApiUrl & CaptivePortalData will be set to null if given uid doesn't hold
// the NETWORK_SETTINGS permission.
- assertNull(mCm.redactLinkPropertiesForPackage(lp, normalUid, normalPkg)
+ assertNull(mCm.getRedactedLinkPropertiesForPackage(lp, normalUid, normalPkg)
.getCaptivePortalApiUrl());
- assertNull(mCm.redactLinkPropertiesForPackage(lp, normalUid, normalPkg)
+ assertNull(mCm.getRedactedLinkPropertiesForPackage(lp, normalUid, normalPkg)
.getCaptivePortalData());
// MTU is not sensitive and is not redacted.
- assertEquals(mtu, mCm.redactLinkPropertiesForPackage(lp, normalUid, normalPkg)
+ assertEquals(mtu, mCm.getRedactedLinkPropertiesForPackage(lp, normalUid, normalPkg)
.getMtu());
// CaptivePortalApiUrl & CaptivePortalData will be preserved if the given uid holds the
// NETWORK_SETTINGS permission.
assertEquals(capportUrl,
- mCm.redactLinkPropertiesForPackage(lp, privilegedUid, privilegedPkg)
+ mCm.getRedactedLinkPropertiesForPackage(lp, privilegedUid, privilegedPkg)
.getCaptivePortalApiUrl());
assertEquals(capportData,
- mCm.redactLinkPropertiesForPackage(lp, privilegedUid, privilegedPkg)
+ mCm.getRedactedLinkPropertiesForPackage(lp, privilegedUid, privilegedPkg)
.getCaptivePortalData());
});
}
private NetworkCapabilities redactNc(@NonNull final NetworkCapabilities nc, int uid,
@NonNull String packageName) {
- return mCm.redactNetworkCapabilitiesForPackage(nc, uid, packageName);
+ return mCm.getRedactedNetworkCapabilitiesForPackage(nc, uid, packageName);
}
@DevSdkIgnoreRule.IgnoreUpTo(SC_V2)
@Test
- public void testRedactNetworkCapabilitiesForPackage() throws Exception {
+ public void testGetRedactedNetworkCapabilitiesForPackage() throws Exception {
final String groundedPkg = findPackageByPermissions(
List.of(), /* requiredPermissions */
List.of(ACCESS_NETWORK_STATE) /* forbiddenPermissions */);