From ad6a32fe34c2ceb29eb4bdbae3ca34a640fe4418 Mon Sep 17 00:00:00 2001
From: Chiachang Wang <chiachangwang@google.com>
Date: Thu, 14 Dec 2023 11:49:47 +0000
Subject: Replace calls for updating permission to protect sockets from VPN

NetworkManagementService is deprecated and the calls to NMS are
expected to move to INetd if possible. The implementation for
denyProtect() and allowProtect() redirect the calls to INetd.
The permission enforcement checks the context inside NMS which
is irrevalent to the caller. Thus, this commit acts as a no-op
change.

Bug: 316253925
Test: atest FrameworksNetTests
Change-Id: I2febc7124ef182f544407015bae0765bc55d7cde
---
 services/core/java/com/android/server/connectivity/Vpn.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/services/core/java/com/android/server/connectivity/Vpn.java b/services/core/java/com/android/server/connectivity/Vpn.java
index aef224843b2f..660a2ee22ade 100644
--- a/services/core/java/com/android/server/connectivity/Vpn.java
+++ b/services/core/java/com/android/server/connectivity/Vpn.java
@@ -1431,7 +1431,7 @@ public class Vpn {
             }
 
             try {
-                mNms.denyProtect(mOwnerUID);
+                mNetd.networkSetProtectDeny(mOwnerUID);
             } catch (Exception e) {
                 Log.wtf(TAG, "Failed to disallow UID " + mOwnerUID + " to call protect() " + e);
             }
@@ -1441,7 +1441,7 @@ public class Vpn {
             mOwnerUID = getAppUid(mContext, newPackage, mUserId);
             mIsPackageTargetingAtLeastQ = doesPackageTargetAtLeastQ(newPackage);
             try {
-                mNms.allowProtect(mOwnerUID);
+                mNetd.networkSetProtectAllow(mOwnerUID);
             } catch (Exception e) {
                 Log.wtf(TAG, "Failed to allow UID " + mOwnerUID + " to call protect() " + e);
             }
-- 
cgit v1.2.3-59-g8ed1b