Loading core/java/android/net/NetworkPolicyManager.java +18 −0 Original line number Diff line number Diff line Loading @@ -432,6 +432,24 @@ public class NetworkPolicyManager { } } /** * Check that networking is blocked for the given uid. * * @param uid The target uid. * @param meteredNetwork True if the network is metered. * @return true if networking is blocked for the given uid according to current networking * policies. * * @hide */ public boolean isUidNetworkingBlocked(int uid, boolean meteredNetwork) { try { return mService.isUidNetworkingBlocked(uid, meteredNetwork); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } /** * Get multipath preference for the given network. */ Loading services/core/java/com/android/server/ConnectivityService.java +17 −10 Original line number Diff line number Diff line Loading @@ -1331,15 +1331,20 @@ public class ConnectivityService extends IConnectivityManager.Stub /** * Check if UID should be blocked from using the specified network. */ private boolean isNetworkWithLinkPropertiesBlocked(LinkProperties lp, int uid, boolean ignoreBlocked) { private boolean isNetworkWithCapabilitiesBlocked(@Nullable final NetworkCapabilities nc, final int uid, final boolean ignoreBlocked) { // Networks aren't blocked when ignoring blocked status if (ignoreBlocked) { return false; } if (isUidBlockedByVpn(uid, mVpnBlockedUidRanges)) return true; final String iface = (lp == null ? "" : lp.getInterfaceName()); return mPolicyManagerInternal.isUidNetworkingBlocked(uid, iface); final long ident = Binder.clearCallingIdentity(); try { final boolean metered = nc == null ? true : nc.isMetered(); return mPolicyManager.isUidNetworkingBlocked(uid, metered); } finally { Binder.restoreCallingIdentity(ident); } } private void maybeLogBlockedNetworkInfo(NetworkInfo ni, int uid) { Loading Loading @@ -1377,12 +1382,13 @@ public class ConnectivityService extends IConnectivityManager.Stub /** * Apply any relevant filters to {@link NetworkState} for the given UID. For * example, this may mark the network as {@link DetailedState#BLOCKED} based * on {@link #isNetworkWithLinkPropertiesBlocked}. * on {@link #isNetworkWithCapabilitiesBlocked}. */ private void filterNetworkStateForUid(NetworkState state, int uid, boolean ignoreBlocked) { if (state == null || state.networkInfo == null || state.linkProperties == null) return; if (isNetworkWithLinkPropertiesBlocked(state.linkProperties, uid, ignoreBlocked)) { if (isNetworkWithCapabilitiesBlocked(state.networkCapabilities, uid, ignoreBlocked)) { state.networkInfo.setDetailedState(DetailedState.BLOCKED, null, null); } synchronized (mVpns) { Loading Loading @@ -1442,8 +1448,8 @@ public class ConnectivityService extends IConnectivityManager.Stub } } nai = getDefaultNetwork(); if (nai != null && isNetworkWithLinkPropertiesBlocked(nai.linkProperties, uid, ignoreBlocked)) { if (nai != null && isNetworkWithCapabilitiesBlocked( nai.networkCapabilities, uid, ignoreBlocked)) { nai = null; } return nai != null ? nai.network : null; Loading Loading @@ -1515,7 +1521,7 @@ public class ConnectivityService extends IConnectivityManager.Stub enforceAccessPermission(); final int uid = mDeps.getCallingUid(); NetworkState state = getFilteredNetworkState(networkType, uid); if (!isNetworkWithLinkPropertiesBlocked(state.linkProperties, uid, false)) { if (!isNetworkWithCapabilitiesBlocked(state.networkCapabilities, uid, false)) { return state.network; } return null; Loading Loading @@ -4473,7 +4479,8 @@ public class ConnectivityService extends IConnectivityManager.Stub if (!nai.everConnected) { return; } if (isNetworkWithLinkPropertiesBlocked(nai.linkProperties, uid, false)) { final NetworkCapabilities nc = getNetworkCapabilitiesInternal(nai); if (isNetworkWithCapabilitiesBlocked(nc, uid, false)) { return; } nai.networkMonitor().forceReevaluation(uid); Loading services/core/java/com/android/server/net/NetworkPolicyManagerInternal.java +0 −6 Original line number Diff line number Diff line Loading @@ -43,12 +43,6 @@ public abstract class NetworkPolicyManagerInternal { */ public abstract boolean isUidRestrictedOnMeteredNetworks(int uid); /** * @return true if networking is blocked on the given interface for the given uid according * to current networking policies. */ public abstract boolean isUidNetworkingBlocked(int uid, String ifname); /** * Figure out if networking is blocked for a given set of conditions. * Loading services/core/java/com/android/server/net/NetworkPolicyManagerService.java +2 −27 Original line number Diff line number Diff line Loading @@ -71,6 +71,7 @@ import static android.net.NetworkPolicyManager.isProcStateAllowedWhileOnRestrict import static android.net.NetworkPolicyManager.resolveNetworkId; import static android.net.NetworkPolicyManager.uidPoliciesToString; import static android.net.NetworkPolicyManager.uidRulesToString; import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK; import static android.net.NetworkTemplate.MATCH_MOBILE; import static android.net.NetworkTemplate.MATCH_WIFI; import static android.net.NetworkTemplate.buildTemplateMobileAll; Loading Loading @@ -5224,7 +5225,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { public boolean isUidNetworkingBlocked(int uid, boolean isNetworkMetered) { final long startTime = mStatLogger.getTime(); mContext.enforceCallingOrSelfPermission(OBSERVE_NETWORK_POLICY, TAG); enforceAnyPermissionOf(OBSERVE_NETWORK_POLICY, PERMISSION_MAINLINE_NETWORK_STACK); final int uidRules; final boolean isBackgroundRestricted; synchronized (mUidRulesFirstLock) { Loading Loading @@ -5327,32 +5328,6 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { && !hasRule(uidRules, RULE_TEMPORARY_ALLOW_METERED); } /** * @return true if networking is blocked on the given interface for the given uid according * to current networking policies. */ @Override public boolean isUidNetworkingBlocked(int uid, String ifname) { final long startTime = mStatLogger.getTime(); final int uidRules; final boolean isBackgroundRestricted; synchronized (mUidRulesFirstLock) { uidRules = mUidRules.get(uid, RULE_NONE); isBackgroundRestricted = mRestrictBackground; } final boolean isNetworkMetered; synchronized (mMeteredIfacesLock) { isNetworkMetered = mMeteredIfaces.contains(ifname); } final boolean ret = isUidNetworkingBlockedInternal(uid, uidRules, isNetworkMetered, isBackgroundRestricted, mLogger); mStatLogger.logDurationStat(Stats.IS_UID_NETWORKING_BLOCKED, startTime); return ret; } @Override public void onTempPowerSaveWhitelistChange(int appId, boolean added) { synchronized (mUidRulesFirstLock) { Loading Loading
core/java/android/net/NetworkPolicyManager.java +18 −0 Original line number Diff line number Diff line Loading @@ -432,6 +432,24 @@ public class NetworkPolicyManager { } } /** * Check that networking is blocked for the given uid. * * @param uid The target uid. * @param meteredNetwork True if the network is metered. * @return true if networking is blocked for the given uid according to current networking * policies. * * @hide */ public boolean isUidNetworkingBlocked(int uid, boolean meteredNetwork) { try { return mService.isUidNetworkingBlocked(uid, meteredNetwork); } catch (RemoteException e) { throw e.rethrowFromSystemServer(); } } /** * Get multipath preference for the given network. */ Loading
services/core/java/com/android/server/ConnectivityService.java +17 −10 Original line number Diff line number Diff line Loading @@ -1331,15 +1331,20 @@ public class ConnectivityService extends IConnectivityManager.Stub /** * Check if UID should be blocked from using the specified network. */ private boolean isNetworkWithLinkPropertiesBlocked(LinkProperties lp, int uid, boolean ignoreBlocked) { private boolean isNetworkWithCapabilitiesBlocked(@Nullable final NetworkCapabilities nc, final int uid, final boolean ignoreBlocked) { // Networks aren't blocked when ignoring blocked status if (ignoreBlocked) { return false; } if (isUidBlockedByVpn(uid, mVpnBlockedUidRanges)) return true; final String iface = (lp == null ? "" : lp.getInterfaceName()); return mPolicyManagerInternal.isUidNetworkingBlocked(uid, iface); final long ident = Binder.clearCallingIdentity(); try { final boolean metered = nc == null ? true : nc.isMetered(); return mPolicyManager.isUidNetworkingBlocked(uid, metered); } finally { Binder.restoreCallingIdentity(ident); } } private void maybeLogBlockedNetworkInfo(NetworkInfo ni, int uid) { Loading Loading @@ -1377,12 +1382,13 @@ public class ConnectivityService extends IConnectivityManager.Stub /** * Apply any relevant filters to {@link NetworkState} for the given UID. For * example, this may mark the network as {@link DetailedState#BLOCKED} based * on {@link #isNetworkWithLinkPropertiesBlocked}. * on {@link #isNetworkWithCapabilitiesBlocked}. */ private void filterNetworkStateForUid(NetworkState state, int uid, boolean ignoreBlocked) { if (state == null || state.networkInfo == null || state.linkProperties == null) return; if (isNetworkWithLinkPropertiesBlocked(state.linkProperties, uid, ignoreBlocked)) { if (isNetworkWithCapabilitiesBlocked(state.networkCapabilities, uid, ignoreBlocked)) { state.networkInfo.setDetailedState(DetailedState.BLOCKED, null, null); } synchronized (mVpns) { Loading Loading @@ -1442,8 +1448,8 @@ public class ConnectivityService extends IConnectivityManager.Stub } } nai = getDefaultNetwork(); if (nai != null && isNetworkWithLinkPropertiesBlocked(nai.linkProperties, uid, ignoreBlocked)) { if (nai != null && isNetworkWithCapabilitiesBlocked( nai.networkCapabilities, uid, ignoreBlocked)) { nai = null; } return nai != null ? nai.network : null; Loading Loading @@ -1515,7 +1521,7 @@ public class ConnectivityService extends IConnectivityManager.Stub enforceAccessPermission(); final int uid = mDeps.getCallingUid(); NetworkState state = getFilteredNetworkState(networkType, uid); if (!isNetworkWithLinkPropertiesBlocked(state.linkProperties, uid, false)) { if (!isNetworkWithCapabilitiesBlocked(state.networkCapabilities, uid, false)) { return state.network; } return null; Loading Loading @@ -4473,7 +4479,8 @@ public class ConnectivityService extends IConnectivityManager.Stub if (!nai.everConnected) { return; } if (isNetworkWithLinkPropertiesBlocked(nai.linkProperties, uid, false)) { final NetworkCapabilities nc = getNetworkCapabilitiesInternal(nai); if (isNetworkWithCapabilitiesBlocked(nc, uid, false)) { return; } nai.networkMonitor().forceReevaluation(uid); Loading
services/core/java/com/android/server/net/NetworkPolicyManagerInternal.java +0 −6 Original line number Diff line number Diff line Loading @@ -43,12 +43,6 @@ public abstract class NetworkPolicyManagerInternal { */ public abstract boolean isUidRestrictedOnMeteredNetworks(int uid); /** * @return true if networking is blocked on the given interface for the given uid according * to current networking policies. */ public abstract boolean isUidNetworkingBlocked(int uid, String ifname); /** * Figure out if networking is blocked for a given set of conditions. * Loading
services/core/java/com/android/server/net/NetworkPolicyManagerService.java +2 −27 Original line number Diff line number Diff line Loading @@ -71,6 +71,7 @@ import static android.net.NetworkPolicyManager.isProcStateAllowedWhileOnRestrict import static android.net.NetworkPolicyManager.resolveNetworkId; import static android.net.NetworkPolicyManager.uidPoliciesToString; import static android.net.NetworkPolicyManager.uidRulesToString; import static android.net.NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK; import static android.net.NetworkTemplate.MATCH_MOBILE; import static android.net.NetworkTemplate.MATCH_WIFI; import static android.net.NetworkTemplate.buildTemplateMobileAll; Loading Loading @@ -5224,7 +5225,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { public boolean isUidNetworkingBlocked(int uid, boolean isNetworkMetered) { final long startTime = mStatLogger.getTime(); mContext.enforceCallingOrSelfPermission(OBSERVE_NETWORK_POLICY, TAG); enforceAnyPermissionOf(OBSERVE_NETWORK_POLICY, PERMISSION_MAINLINE_NETWORK_STACK); final int uidRules; final boolean isBackgroundRestricted; synchronized (mUidRulesFirstLock) { Loading Loading @@ -5327,32 +5328,6 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { && !hasRule(uidRules, RULE_TEMPORARY_ALLOW_METERED); } /** * @return true if networking is blocked on the given interface for the given uid according * to current networking policies. */ @Override public boolean isUidNetworkingBlocked(int uid, String ifname) { final long startTime = mStatLogger.getTime(); final int uidRules; final boolean isBackgroundRestricted; synchronized (mUidRulesFirstLock) { uidRules = mUidRules.get(uid, RULE_NONE); isBackgroundRestricted = mRestrictBackground; } final boolean isNetworkMetered; synchronized (mMeteredIfacesLock) { isNetworkMetered = mMeteredIfaces.contains(ifname); } final boolean ret = isUidNetworkingBlockedInternal(uid, uidRules, isNetworkMetered, isBackgroundRestricted, mLogger); mStatLogger.logDurationStat(Stats.IS_UID_NETWORKING_BLOCKED, startTime); return ret; } @Override public void onTempPowerSaveWhitelistChange(int appId, boolean added) { synchronized (mUidRulesFirstLock) { Loading
