Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5294a2fc authored by Jeff Sharkey's avatar Jeff Sharkey
Browse files

Relax global restrict for system services. 

Since we control system services, we can ensure they are using little
data when data usage is globally restricted.  Continue restricting
AID_MEDIA and AID_DRM, since they respond to app requests.

Bug: 6377903, 5772564
Change-Id: I196bf334f903397ea6a67e6802240ee792e47b54
parent af772be3

core/java/android/os/Process.java

+6 −0
Original line number Diff line number Diff line
@@ -91,6 +91,12 @@ public class Process { 
     */

    public static final int MEDIA_UID = 1013;



    /**

     * Defines the UID/GID for the DRM process.

     * @hide

     */

    public static final int DRM_UID = 1019;



    /**

     * Defines the GID for the group that allows write access to the SD card.

     * @hide

services/java/com/android/server/net/NetworkPolicyManagerService.java

+15 −14
Original line number Diff line number Diff line
@@ -1665,20 +1665,9 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { 
            updateRulesForAppLocked(appId);

        }



        // and catch system UIDs

        // TODO: keep in sync with android_filesystem_config.h

        for (int uid = 1000; uid <= 1025; uid++) {

            updateRulesForUidLocked(uid);

        }

        for (int uid = 2000; uid <= 2002; uid++) {

            updateRulesForUidLocked(uid);

        }

        for (int uid = 3000; uid <= 3007; uid++) {

            updateRulesForUidLocked(uid);

        }

        for (int uid = 9998; uid <= 9999; uid++) {

            updateRulesForUidLocked(uid);

        }

        // limit data usage for some internal system services

        updateRulesForUidLocked(android.os.Process.MEDIA_UID);

        updateRulesForUidLocked(android.os.Process.DRM_UID);

    }



    private void updateRulesForAppLocked(int appId) {
@@ -1688,7 +1677,19 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { 
        }

    }



    private static boolean isUidValidForRules(int uid) {

        // allow rules on specific system services, and any apps

        if (uid == android.os.Process.MEDIA_UID || uid == android.os.Process.DRM_UID

                || UserId.isApp(uid)) {

            return true;

        }



        return false;

    }



    private void updateRulesForUidLocked(int uid) {

        if (!isUidValidForRules(uid)) return;



        final int appId = UserId.getAppId(uid);

        final int appPolicy = getAppPolicy(appId);

        final boolean uidForeground = isUidForeground(uid);