Android/frameworks_base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Remove duplicated code to push firewall UID rules." into nyc-dev am: 0048fac

Browse Source 
am: b52c32a

* commit 'b52c32ad6cbc678531f8310090edbd25a8092561':
  Remove duplicated code to push firewall UID rules.
This commit is contained in:
Lorenzo Colitti
2016-03-25 08:49:30 +00:00
committed by android-build-merger
parent 7ecd343628 b52c32ad6c
commit b464c49535
1 changed files with 27 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
services/core/java/com/android/server/NetworkManagementService.java
View File

@@ -513,6 +513,28 @@ public class NetworkManagementService extends INetworkManagementService.Stub
}
}
// Sync the state of the given chain with the native daemon.
private void syncFirewallChainLocked(int chain, SparseIntArray uidFirewallRules, String name) {
int size = uidFirewallRules.size();
if (size > 0) {
// Make a copy of the current rules, and then clear them. This is because
// setFirewallUidRuleInternal only pushes down rules to the native daemon if they are
// different from the current rules stored in the mUidFirewall*Rules array for the
// specified chain. If we don't clear the rules, setFirewallUidRuleInternal will do
// nothing.
final SparseIntArray rules = uidFirewallRules.clone();
uidFirewallRules.clear();
// Now push the rules. setFirewallUidRuleInternal will push each of these down to the
// native daemon, and also add them to the mUidFirewall*Rules array for the specified
// chain.
if (DBG) Slog.d(TAG, "Pushing " + size + " active firewall " + name + "UID rules");
for (int i = 0; i < rules.size(); i++) {
setFirewallUidRuleInternal(chain, rules.keyAt(i), rules.valueAt(i));
}
}
}
/**
* Prepare native daemon once connected, enabling modules and pushing any
* existing in-memory rules.
@@ -603,55 +625,18 @@ public class NetworkManagementService extends INetworkManagementService.Stub
setFirewallEnabled(mFirewallEnabled || LockdownVpnTracker.isEnabled());
size = mUidFirewallRules.size();
if (size > 0) {
if (DBG) Slog.d(TAG, "Pushing " + size + " active firewall UID rules");
final SparseIntArray uidFirewallRules = mUidFirewallRules;
mUidFirewallRules = new SparseIntArray();
for (int i = 0; i < uidFirewallRules.size(); i++) {
setFirewallUidRuleInternal(FIREWALL_CHAIN_NONE, uidFirewallRules.keyAt(i),
uidFirewallRules.valueAt(i));
}
}
syncFirewallChainLocked(FIREWALL_CHAIN_NONE, mUidFirewallRules, "");
syncFirewallChainLocked(FIREWALL_CHAIN_STANDBY, mUidFirewallStandbyRules, "standby ");
syncFirewallChainLocked(FIREWALL_CHAIN_DOZABLE, mUidFirewallDozableRules, "dozable ");
syncFirewallChainLocked(FIREWALL_CHAIN_POWERSAVE, mUidFirewallPowerSaveRules,
"powersave ");
size = mUidFirewallStandbyRules.size();
if (size > 0) {
if (DBG) Slog.d(TAG, "Pushing " + size + " active firewall standby UID rules");
final SparseIntArray uidFirewallRules = mUidFirewallStandbyRules;
mUidFirewallStandbyRules = new SparseIntArray();
for (int i = 0; i < uidFirewallRules.size(); i++) {
setFirewallUidRuleInternal(FIREWALL_CHAIN_STANDBY, uidFirewallRules.keyAt(i),
uidFirewallRules.valueAt(i));
}
}
if (mFirewallChainStates.get(FIREWALL_CHAIN_STANDBY)) {
setFirewallChainEnabled(FIREWALL_CHAIN_STANDBY, true);
}
size = mUidFirewallDozableRules.size();
if (size > 0) {
if (DBG) Slog.d(TAG, "Pushing " + size + " active firewall dozable UID rules");
final SparseIntArray uidFirewallRules = mUidFirewallDozableRules;
mUidFirewallDozableRules = new SparseIntArray();
for (int i = 0; i < uidFirewallRules.size(); i++) {
setFirewallUidRuleInternal(FIREWALL_CHAIN_DOZABLE, uidFirewallRules.keyAt(i),
uidFirewallRules.valueAt(i));
}
}
if (mFirewallChainStates.get(FIREWALL_CHAIN_DOZABLE)) {
setFirewallChainEnabled(FIREWALL_CHAIN_DOZABLE, true);
}
size = mUidFirewallPowerSaveRules.size();
if (size > 0) {
Slog.d(TAG, "Pushing " + size + " active firewall powersave UID rules");
final SparseIntArray uidFirewallRules = mUidFirewallPowerSaveRules;
mUidFirewallPowerSaveRules = new SparseIntArray();
for (int i = 0; i < uidFirewallRules.size(); i++) {
setFirewallUidRuleInternal(FIREWALL_CHAIN_POWERSAVE, uidFirewallRules.keyAt(i),
uidFirewallRules.valueAt(i));
}
}
if (mFirewallChainStates.get(FIREWALL_CHAIN_POWERSAVE)) {
setFirewallChainEnabled(FIREWALL_CHAIN_POWERSAVE, true);
}