Add 3rd deny firewall chain for OEM

Bug: 208371987 Test: atest CtsNetTestCases:android.net.cts.ConnectivityManagerTest#testFirewallBlocking ConnectivityServiceTest Change-Id: Ib521fa02f6a19270cb88a3d85321bda822516c78
2022-06-06 07:44:05 +00:00
parent 9424810659
commit 1d9054ba5f
10 changed files with 40 additions and 2 deletions
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -11361,6 +11361,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
            case ConnectivityManager.FIREWALL_CHAIN_STANDBY:
            case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1:
            case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2:
+            case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3:
                defaultRule = FIREWALL_RULE_ALLOW;
                break;
            case ConnectivityManager.FIREWALL_CHAIN_DOZABLE:
@@ -11416,6 +11417,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
                case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2:
                    mBpfNetMaps.replaceUidChain("fw_oem_deny_2", false /* isAllowList */, uids);
                    break;
+                case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3:
+                    mBpfNetMaps.replaceUidChain("fw_oem_deny_3", false /* isAllowList */, uids);
+                    break;
                default:
                    throw new IllegalArgumentException("replaceFirewallChain with invalid chain: "
                            + chain);