Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c2c2f590 authored by Tommy Webb's avatar Tommy Webb Committed by Chirayu Desai
Browse files

Revert "Fix network leaks with split-tunnel VPNs" 

This reverts commit 70cc90b9.

Reason for revert: Causes random reboots without further thread-safety alterations to the patch it was applied on top of, *and* does not fully resolve the problems it intends to (further work needed)

Change-Id: Ia8ba3f12042745d04457cc5581edbc5d38e6154b
parent 58a632b1

services/core/java/com/android/server/net/NetworkPolicyManagerService.java

+0 −12
Original line number Diff line number Diff line
@@ -1888,18 +1888,6 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { 
        updateSubscriptions();



        synchronized (mUidRulesFirstLock) {

            /* With split-tunnel VPNs (those that only include specific apps),

             * the usual NetworkCallback handlers are never called, because the call to

             * registerDefaultNetworkCallbackForUid only detects changes that affect this

             * process; if this process is not covered by the VPN, it won't get callbacks.

             * Ordinarily, updateRestrictedModeAllowlistUL() would be called from those.

             * Firewall restrictions for apps will not be updated properly on VPN connect

             * or disconnect if we don't call it from somewhere else, like here. */

            // TODO: Come up with an appropriate callback that runs more promptly.

            // updateNetworksInternal runs later than NetworkCallback handlers run, so

            // this may present a window of opportunity for unauthorized network access.

            updateRestrictedModeAllowlistUL();



            synchronized (mNetworkPoliciesSecondLock) {

                ensureActiveCarrierPolicyAL();

                normalizePoliciesNL();