diff options
| author | 2024-07-31 17:47:58 -0700 | |
|---|---|---|
| committer | 2024-08-07 17:32:14 +0000 | |
| commit | da8a8cb6ea581986e7f0ba2c8c3462b2d66492fc (patch) | |
| tree | 49bf1829699f562a1cd44ba7dfe689864a7b15d6 /libs/androidfw/misc.cpp | |
| parent | 0e03926c02ef05035a7e97109ba7cfbd828df834 (diff) | |
Do not apply background rules for core uids
Core uids are exempt from firewalls by the underlying stack, so they
will always be allowed network.
Similarly, apps without the INTERNET permission cannot access network
regardless of firewall rules.
Currently, the code is fragmented in applying rules to these uids.
To make debugging and code maintenance easier, we want to be consistent
by never setting any rules for such uids.
Once the feature is enabled and tested, upstream code paths for all
firewall rules can be simplified to use the same check.
Flag: com.android.server.net.never_apply_rules_to_core_uids
Test: atest FrameworksServicesTests:NetworkPolicyManagerServiceTest
BYPASS_INCLUSIVE_LANGUAGE_REASON=Existing methods
Bug: 356956588
Change-Id: Ibe50b806a0632d09772e7e2e8deea6d2fefdc946
Diffstat (limited to 'libs/androidfw/misc.cpp')
0 files changed, 0 insertions, 0 deletions