Push firewall rules up to ConnectivityService.

getActiveNetworkInfo() and friends already know how to augment their results to help apps detect when network access is blocked. This change wires up the new app-idle and device-idle firewall rules to be reported through these APIs. This also causes other platform tools like DownloadManager and SyncManager to respect these new policies. Bug: 24050462 Change-Id: Id9517b0b70be7e3ca2ab27bed8049db916e4d829
2015-09-14 10:09:47 -07:00
parent b7993df3ba
commit f866a7077d
1 changed files with 6 additions and 6 deletions
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -946,14 +946,14 @@ public class ConnectivityService extends IConnectivityManager.Stub
            uidRules = mUidRules.get(uid, RULE_ALLOW_ALL);
        }

-        if ((uidRules & RULE_REJECT_ALL) != 0
-                || (networkCostly && (uidRules & RULE_REJECT_METERED) != 0)) {
+        if (uidRules == RULE_REJECT_ALL) {
            return true;
-        }
-
-        // no restrictive rules; network is visible
+        } else if ((uidRules == RULE_REJECT_METERED) && networkCostly) {
+            return true;
+        } else {
            return false;
        }
+    }

    /**
     * Return a filtered {@link NetworkInfo}, potentially marked
@@ -3707,7 +3707,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
            synchronized(mRulesLock) {
                uidRules = mUidRules.get(uid, RULE_ALLOW_ALL);
            }
-            if ((uidRules & (RULE_REJECT_METERED | RULE_REJECT_ALL)) != 0) {
+            if (uidRules != RULE_ALLOW_ALL) {
                // we could silently fail or we can filter the available nets to only give
                // them those they have access to.  Chose the more useful
                networkCapabilities.addCapability(NET_CAPABILITY_NOT_METERED);