Implement backup/restore for network policy

    void factoryReset(String subscriber);

    boolean isUidNetworkingBlocked(int uid, boolean meteredNetwork);

    byte[] getBackupPayload();

    void applyRestore(in byte[] payload);

}

/*

 * Copyright (C) 2021 The Calyx Institute

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 *      http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

package com.android.server.backup;

import android.app.backup.BlobBackupHelper;

import android.content.Context;

import android.net.INetworkPolicyManager;

import android.os.ServiceManager;

import android.util.Log;

import android.util.Slog;

public class NetworkPolicyBackupHelper extends BlobBackupHelper {

    private static final String TAG = "NetworkPolicyBackupHelper";

    private static final boolean DEBUG = Log.isLoggable(TAG, Log.DEBUG);

    // Current version of the blob schema

    static final int BLOB_VERSION = 1;

    // Key under which the payload blob is stored

    static final String KEY_NETWORK_POLICY = "network_policy";

    public NetworkPolicyBackupHelper() {

        super(BLOB_VERSION, KEY_NETWORK_POLICY);

    }

    @Override

    protected byte[] getBackupPayload(String key) {

        byte[] newPayload = null;

        if (KEY_NETWORK_POLICY.equals(key)) {

            try {

                INetworkPolicyManager npm = INetworkPolicyManager.Stub.asInterface(

                        ServiceManager.getService(Context.NETWORK_POLICY_SERVICE));

                newPayload = npm.getBackupPayload();

            } catch (Exception e) {

                // Treat as no data

                Slog.e(TAG, "Couldn't communicate with network policy manager");

                newPayload = null;

            }

        }

        return newPayload;

    }

    @Override

    protected void applyRestoredPayload(String key, byte[] payload) {

        if (DEBUG) {

            Slog.v(TAG, "Got restore of " + key);

        }

        if (KEY_NETWORK_POLICY.equals(key)) {

            try {

                INetworkPolicyManager.Stub.asInterface(

                        ServiceManager.getService(Context.NETWORK_POLICY_SERVICE))

                        .applyRestore(payload);

            } catch (Exception e) {

                Slog.e(TAG, "Couldn't communicate with network policy manager");

            }

        }

    }

}

    private static final String ACCOUNT_MANAGER_HELPER = "account_manager";

    private static final String SLICES_HELPER = "slices";

    private static final String PEOPLE_HELPER = "people";

    private static final String NETWORK_POLICY_HELPER = "network_policy";

    // These paths must match what the WallpaperManagerService uses.  The leaf *_FILENAME

    // are also used in the full-backup file format, so must not change unless steps are

        addHelper(ACCOUNT_MANAGER_HELPER, new AccountManagerBackupHelper());

        addHelper(SLICES_HELPER, new SliceBackupHelper(this));

        addHelper(PEOPLE_HELPER, new PeopleBackupHelper(mUserId));

        addHelper(NETWORK_POLICY_HELPER, new NetworkPolicyBackupHelper());

    }

    @Override

import org.xmlpull.v1.XmlPullParserException;

import org.xmlpull.v1.XmlSerializer;

import java.io.ByteArrayInputStream;

import java.io.ByteArrayOutputStream;

import java.io.File;

import java.io.FileDescriptor;

import java.io.FileInputStream;

    private static final String ATTR_OWNER_PACKAGE = "ownerPackage";

    private static final String ATTR_NETWORK_TYPES = "networkTypes";

    private static final String ATTR_XML_UTILS_NAME = "name";

    private static final String ATTR_USER_ID = "userId";

    private static final String ACTION_ALLOW_BACKGROUND =

            "com.android.server.net.action.ALLOW_BACKGROUND";

        FileInputStream fis = null;

        try {

            fis = mPolicyFile.openRead();

            readPolicyXml(fis);

            readPolicyXml(fis, false);

        } catch (FileNotFoundException e) {

            // missing policy is okay, probably first boot

            upgradeDefaultBackgroundDataUL();

        }

    }

    private void readPolicyXml(InputStream inputStream) {

    private void readPolicyXml(InputStream inputStream, boolean forRestore) throws IOException,

            XmlPullParserException {

        final XmlPullParser in = Xml.newPullParser();

        in.setInput(inputStream, StandardCharsets.UTF_8.name());

                            SubscriptionPlan.class, mSubscriptionPlans.get(subId), plan));

                    mSubscriptionPlansOwner.put(subId, ownerPackage);

                } else if (TAG_UID_POLICY.equals(tag)) {

                    final int uid = readIntAttribute(in, ATTR_UID);

                    int uid = readUidAttribute(in, forRestore);

                    final int policy = readIntAttribute(in, ATTR_POLICY);

                    if (UserHandle.isApp(uid)) {

                } else if (TAG_WHITELIST.equals(tag)) {

                    insideWhitelist = true;

                } else if (TAG_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) {

                    final int uid = readIntAttribute(in, ATTR_UID);

                    int uid = readUidAttribute(in, forRestore);

                    whitelistedRestrictBackground.append(uid, true);

                } else if (TAG_REVOKED_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) {

                    final int uid = readIntAttribute(in, ATTR_UID);

                    int uid = readUidAttribute(in, forRestore);

                    mRestrictBackgroundWhitelistRevokedUids.put(uid, true);

                }

            } else if (type == END_TAG) {

        FileOutputStream fos = null;

        try {

            fos = mPolicyFile.startWrite();

            writePolicyXml(fos);

            writePolicyXml(fos, false);

            mPolicyFile.finishWrite(fos);

        } catch (IOException e) {

            if (fos != null) {

        }

    }

    private void writePolicyXml(OutputStream outputStream) {

    private void writePolicyXml(OutputStream outputStream, boolean forBackup) throws IOException {

        XmlSerializer out = new FastXmlSerializer();

        out.setOutput(outputStream, StandardCharsets.UTF_8.name());

        out.startDocument(null, true);

            if (policy == POLICY_NONE) continue;

            out.startTag(null, TAG_UID_POLICY);

            if (!forBackup) {

                writeIntAttribute(out, ATTR_UID, uid);

            } else {

                writeStringAttribute(out, ATTR_XML_UTILS_NAME, getPackageForUid(uid));

                writeIntAttribute(out, ATTR_USER_ID, UserHandle.getUserId(uid));

            }

            writeIntAttribute(out, ATTR_POLICY, policy);

            out.endTag(null, TAG_UID_POLICY);

        }

        for (int i = 0; i < size; i++) {

            final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i);

            out.startTag(null, TAG_REVOKED_RESTRICT_BACKGROUND);

            if (!forBackup) {

                writeIntAttribute(out, ATTR_UID, uid);

            } else {

                writeStringAttribute(out, ATTR_XML_UTILS_NAME, getPackageForUid(uid));

                writeIntAttribute(out, ATTR_USER_ID, UserHandle.getUserId(uid));

            }

            out.endTag(null, TAG_REVOKED_RESTRICT_BACKGROUND);

        }

        out.endDocument();

    }

    @Override

    public byte[] getBackupPayload() {

        enforceSystemCaller();

        if (LOGD) Slog.d(TAG, "getBackupPayload");

        final ByteArrayOutputStream baos = new ByteArrayOutputStream();

        try {

            writePolicyXml(baos, true);

            return baos.toByteArray();

        } catch (IOException e) {

            Slog.w(TAG, "getBackupPayload: error writing payload", e);

        }

        return null;

    }

    @Override

    public void applyRestore(byte[] payload) {

        enforceSystemCaller();

        if (LOGD) Slog.d(TAG, "applyRestore payload="

                + (payload != null ? new String(payload, StandardCharsets.UTF_8) : null));

        if (payload == null) {

            Slog.w(TAG, "applyRestore: no payload to restore");

            return;

        }

        // clear any existing policy and read from disk

        mNetworkPolicy.clear();

        mSubscriptionPlans.clear();

        mSubscriptionPlansOwner.clear();

        mUidPolicy.clear();

        final ByteArrayInputStream bais = new ByteArrayInputStream(payload);

        try {

            readPolicyXml(bais, true);

        } catch (IOException | XmlPullParserException e) {

            Slog.w(TAG, "applyRestore: error reading payload", e);

        }

    }

    @Override

    public void setUidPolicy(int uid, int policy) {

        mContext.enforceCallingOrSelfPermission(MANAGE_NETWORK_POLICY, TAG);

        }

    }

    private void enforceSystemCaller() {

        if (Binder.getCallingUid() != android.os.Process.SYSTEM_UID) {

            throw new SecurityException("Caller must be system");

        }

    }

    @Override

    public void registerListener(INetworkPolicyListener listener) {

        // TODO: Remove CONNECTIVITY_INTERNAL and the *AnyPermissionOf methods above after all apps

        }

    }

    private int readUidAttribute(XmlPullParser in, boolean forRestore) throws IOException {

        if (!forRestore) {

            return readIntAttribute(in, ATTR_UID);

        } else {

            return getUidForPackage(readStringAttribute(in, ATTR_XML_UTILS_NAME),

                    readIntAttribute(in, ATTR_USER_ID));

        }

    }

    private String getPackageForUid(int uid) {

        return mContext.getPackageManager().getPackagesForUid(uid)[0];

    }

    private int getUidForPackage(String packageName, int userId) {

        try {

            return mContext.getPackageManager().getPackageUidAsUser(packageName,