diff options
| -rw-r--r-- | services/core/java/com/android/server/net/NetworkPolicyManagerService.java | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index b2e6adfd028a..21fb304bd2ef 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -2298,12 +2298,23 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { uidRules.clear(); // Fully update the app idle firewall chain. + final IPackageManager ipm = AppGlobals.getPackageManager(); final List<UserInfo> users = mUserManager.getUsers(); for (int ui = users.size() - 1; ui >= 0; ui--) { UserInfo user = users.get(ui); int[] idleUids = mUsageStats.getIdleUidsForUser(user.id); for (int uid : idleUids) { if (!mPowerSaveTempWhitelistAppIds.get(UserHandle.getAppId(uid), false)) { + // quick check: if this uid doesn't have INTERNET permission, it + // doesn't have network access anyway, so it is a waste to mess + // with it here. + try { + if (ipm.checkUidPermission(Manifest.permission.INTERNET, uid) + != PackageManager.PERMISSION_GRANTED) { + continue; + } + } catch (RemoteException e) { + } uidRules.put(uid, FIREWALL_RULE_DENY); } } |