LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge "Push firewall rules up to ConnectivityService." into mnc-dr-dev

Browse Source
This commit is contained in:
Jeff Sharkey
2015-10-12 16:34:19 +00:00
committed by Android (Google) Code Review
parent 9f22f069e6 f866a7077d
commit 114f3fe265
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -946,13 +946,13 @@ public class ConnectivityService extends IConnectivityManager.Stub
uidRules = mUidRules.get(uid, RULE_ALLOW_ALL); uidRules = mUidRules.get(uid, RULE_ALLOW_ALL);
} }
if ((uidRules & RULE_REJECT_ALL) != 0 if (uidRules == RULE_REJECT_ALL) {
|| (networkCostly && (uidRules & RULE_REJECT_METERED) != 0)) {
return true; return true;
} else if ((uidRules == RULE_REJECT_METERED) && networkCostly) {
return true;
} else {
return false;
} }
// no restrictive rules; network is visible
return false;
} }
/** /**
@@ -3724,7 +3724,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
synchronized(mRulesLock) { synchronized(mRulesLock) {
uidRules = mUidRules.get(uid, RULE_ALLOW_ALL); uidRules = mUidRules.get(uid, RULE_ALLOW_ALL);
} }
if ((uidRules & (RULE_REJECT_METERED | RULE_REJECT_ALL)) != 0) { if (uidRules != RULE_ALLOW_ALL) {
// we could silently fail or we can filter the available nets to only give // we could silently fail or we can filter the available nets to only give
// them those they have access to. Chose the more useful // them those they have access to. Chose the more useful
networkCapabilities.addCapability(NET_CAPABILITY_NOT_METERED); networkCapabilities.addCapability(NET_CAPABILITY_NOT_METERED);