Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 098116b9 authored by Ken Chen's avatar Ken Chen
Browse files

Make DNS query fail-fast when network access is restricted 

There are many functions that limit the app's network access, such as
doze mode, battery saver, etc. Before this commit, the DNS resolver had
no relevant information, it would send data and rely on the BPF program
in Kernel to block the sending. This has two problems:  (1) Waste of CPU
resources. (2) Private DNS should be but is not restricted by those
features.

In this commit, the DNS resolver calls a function in a new added library
to know whether apps are blocked by network restriction rules. If so, it
returns failures early for both plaintext and encrypted queries.

Bug: 288340533
Test: Auto test TBD
Test: Manually test
      1. Install a test app that keeps sending DNS in background.
      2. Force enable doze mode by adb commands.
      3. Check that DNS query results of the test app is failed.
      4. Add the test app into white list.
      5. Check that DNS query results of the test app is successful.
Change-Id: I58b0f5e5ff0494f8d190ef601b984a96b2673911
parent 43ed0040
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment