diff options
| author | Nathan Harold <nharold@google.com> | 2018-03-21 15:32:42 -0700 |
|---|---|---|
| committer | Nathan Harold <nharold@google.com> | 2018-03-22 14:16:50 -0700 |
| commit | 159788455c79fa47847d0c40fcee7aceff2551ae (patch) | |
| tree | cd7f708e07a4b11e56f7f5048bf83c7f10c8d6e5 /core/java/android/net/IpSecManager.java | |
| parent | 8a047a0c5207433769a084f524fd3f9ebed18da8 (diff) | |
Add MANAGE_IPSEC_TUNNELS Permission
Add a new MANAGE_IPSEC_TUNNELS permission and
protect all IPsec Tunnel mode APIs with it.
This permission is only granted to the system or
through an AppOp.
Bug: 66955045
Test: compilation
Change-Id: I0f618373b500c493ef2211bece681f74652a1833
Diffstat (limited to 'core/java/android/net/IpSecManager.java')
| -rw-r--r-- | core/java/android/net/IpSecManager.java | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/core/java/android/net/IpSecManager.java b/core/java/android/net/IpSecManager.java index 4157845d611b..972b9c074690 100644 --- a/core/java/android/net/IpSecManager.java +++ b/core/java/android/net/IpSecManager.java @@ -658,6 +658,7 @@ public final class IpSecManager { * @hide */ @SystemApi + @RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS) public void addAddress(@NonNull LinkAddress address) throws IOException { try { mService.addAddressToTunnelInterface(mResourceId, address); @@ -675,6 +676,7 @@ public final class IpSecManager { * @hide */ @SystemApi + @RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS) public void removeAddress(@NonNull LinkAddress address) throws IOException { try { mService.removeAddressFromTunnelInterface(mResourceId, address); @@ -768,7 +770,7 @@ public final class IpSecManager { */ @SystemApi @NonNull - @RequiresPermission(android.Manifest.permission.NETWORK_STACK) + @RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS) public IpSecTunnelInterface createIpSecTunnelInterface(@NonNull InetAddress localAddress, @NonNull InetAddress remoteAddress, @NonNull Network underlyingNetwork) throws ResourceUnavailableException, IOException { @@ -793,7 +795,7 @@ public final class IpSecManager { * @hide */ @SystemApi - @RequiresPermission(android.Manifest.permission.NETWORK_STACK) + @RequiresPermission(android.Manifest.permission.MANAGE_IPSEC_TUNNELS) public void applyTunnelModeTransform(@NonNull IpSecTunnelInterface tunnel, @PolicyDirection int direction, @NonNull IpSecTransform transform) throws IOException { try { |