Merge "Added option to reset network policies for a given user." into nyc-dev

am: 28309fec2f * commit '28309fec2f104e181c22ab03ba3cec7f8756e4b7': Added option to reset network policies for a given user. Change-Id: Ib359e3552105788e920ad28a4b6a13ee0e2e0a44
2016-05-03 18:13:30 +00:00
parent d52d18eede 28309fec2f
commit b52a4aabde
3 changed files with 71 additions and 14 deletions
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerInternal.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerInternal.java
@@ -0,0 +1,30 @@
+/*
+ * Copyright (C) 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.server.net;
+
+/**
+ * Network Policy Manager local system service interface.
+ *
+ * @hide Only for use within the system server.
+ */
+public abstract class NetworkPolicyManagerInternal {
+
+    /**
+     * Resets all policies associated with a given user.
+     */
+    public abstract void resetUserState(int userId);
+}
--- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
+++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java
@@ -406,6 +406,10 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
        mAppOps = context.getSystemService(AppOpsManager.class);

        mPackageMonitor = new MyPackageMonitor();
+
+        // Expose private service for system components to use.
+        LocalServices.addService(NetworkPolicyManagerInternal.class,
+                new NetworkPolicyManagerInternalImpl());
    }

    public void bindConnectivityManager(IConnectivityManager connManager) {
@@ -742,7 +746,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
                    synchronized (mRulesLock) {
                        // Remove any persistable state for the given user; both cleaning up after a
                        // USER_REMOVED, and one last sanity check during USER_ADDED
-                        removeUserStateLocked(userId);
+                        removeUserStateLocked(userId, true);
                        if (action == ACTION_USER_ADDED) {
                            // Add apps that are whitelisted by default.
                            addDefaultRestrictBackgroundWhitelistUidsLocked(userId);
@@ -1742,12 +1746,13 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
    }

    /**
-     * Remove any persistable state associated with given {@link UserHandle}, persisting
-     * if any changes are made.
+     * Removes any persistable state associated with given {@link UserHandle}, persisting
+     * if any changes that are made.
     */
-    void removeUserStateLocked(int userId) {
+    boolean removeUserStateLocked(int userId, boolean writePolicy) {
+
        if (LOGV) Slog.v(TAG, "removeUserStateLocked()");
-        boolean writePolicy = false;
+        boolean changed = false;

        // Remove entries from restricted background UID whitelist
        int[] wlUids = new int[0];
@@ -1762,7 +1767,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
            for (int uid : wlUids) {
                removeRestrictBackgroundWhitelistedUidLocked(uid, false, false);
            }
-            writePolicy = true;
+            changed = true;
        }

        // Remove entries from revoked default restricted background UID whitelist
@@ -1770,7 +1775,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
            final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i);
            if (UserHandle.getUserId(uid) == userId) {
                mRestrictBackgroundWhitelistRevokedUids.removeAt(i);
-                writePolicy = true;
+                changed = true;
            }
        }

@@ -1787,14 +1792,15 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
            for (int uid : uids) {
                mUidPolicy.delete(uid);
            }
-            writePolicy = true;
+            changed = true;
        }

        updateRulesForGlobalChangeLocked(true);

-        if (writePolicy) {
+        if (writePolicy && changed) {
            writePolicyLocked();
        }
+        return changed;
    }

    @Override
@@ -3295,4 +3301,18 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub {
            }
        }
    }
+
+    private class NetworkPolicyManagerInternalImpl extends NetworkPolicyManagerInternal {
+
+        @Override
+        public void resetUserState(int userId) {
+            synchronized (mRulesLock) {
+                boolean changed = removeUserStateLocked(userId, false);
+                changed = addDefaultRestrictBackgroundWhitelistUidsLocked(userId) || changed;
+                if (changed) {
+                    writePolicyLocked();
+                }
+            }
+        }
+    }
 }
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -164,6 +164,7 @@ import android.content.pm.VerifierInfo;
 import android.content.res.Resources;
 import android.graphics.Bitmap;
 import android.hardware.display.DisplayManager;
+import android.net.INetworkPolicyManager;
 import android.net.Uri;
 import android.os.Binder;
 import android.os.Build;
@@ -243,6 +244,7 @@ import com.android.server.LocalServices;
 import com.android.server.ServiceThread;
 import com.android.server.SystemConfig;
 import com.android.server.Watchdog;
+import com.android.server.net.NetworkPolicyManagerInternal;
 import com.android.server.pm.PermissionsState.PermissionState;
 import com.android.server.pm.Settings.DatabaseVersion;
 import com.android.server.pm.Settings.VersionInfo;
@@ -16168,6 +16170,10 @@ public class PackageManagerService extends IPackageManager.Stub {
        }
    }

+    private void resetNetworkPolicies(int userId) {
+        LocalServices.getService(NetworkPolicyManagerInternal.class).resetUserState(userId);
+    }
+
    /**
     * Reverts user permission state changes (permissions and flags).
     *
@@ -16658,10 +16664,10 @@ public class PackageManagerService extends IPackageManager.Stub {
    public void resetApplicationPreferences(int userId) {
        mContext.enforceCallingOrSelfPermission(
                android.Manifest.permission.SET_PREFERRED_APPLICATIONS, null);
+        final long identity = Binder.clearCallingIdentity();
        // writer
-        synchronized (mPackages) {
-            final long identity = Binder.clearCallingIdentity();
-            try {
+        try {
+            synchronized (mPackages) {
                clearPackagePreferredActivitiesLPw(null, userId);
                mSettings.applyDefaultPreferredAppsLPw(this, userId);
                // TODO: We have to reset the default SMS and Phone. This requires
@@ -16673,9 +16679,10 @@ public class PackageManagerService extends IPackageManager.Stub {
                primeDomainVerificationsLPw(userId);
                resetUserChangesToRuntimePermissionsAndFlagsLPw(userId);
                scheduleWritePackageRestrictionsLocked(userId);
-            } finally {
-                Binder.restoreCallingIdentity(identity);
            }
+            resetNetworkPolicies(userId);
+        } finally {
+            Binder.restoreCallingIdentity(identity);
        }
    }