diff options
| author | Patrick Rohr <prohr@google.com> | 2020-10-23 13:51:00 +0200 |
|---|---|---|
| committer | Patrick Rohr <prohr@google.com> | 2021-01-12 11:59:17 +0000 |
| commit | 048bc5ea80b0b7b75988df2362945ea7cff59ed7 (patch) | |
| tree | ffc185264b7807177f3d1da218920264eab32aec /packages/SettingsProvider | |
| parent | e944af5bd6c562bdaaa2ee69a25cf541c3f29cff (diff) | |
Add Restricted Mode handling to NetworkPolicyManager
Adds Restricted Mode functionality to NetworkPolicyManager. When this
mode is turned on (via setting), only apps with
android.permission.CONNECTIVITY_USE_RESTRICTED_NETWORKS will be able to
use the network. For all other apps, the network will be blocked by the
firewall. This is controlled by a new allowlist firewall chain
fw_restricted_mode.
As a first step, this implementation still requires a reboot after the
enabling / disabling the mode to take effect. I will provide the dynamic
configuration in the next CL.
Test: atest CtsHostsideNetworkTests && atest
NetworkPolicyManagerServiceTest
Bug: 170322816
Bug: 157505406
Bug: 170322455
Bug: 175281879
Exempt-From-Owner-Approval: Change already merged on internal gerrit.
Change-Id: I0731fa842c69683953baaf9ec3a9a03454f4c607
Merged-In: I0731fa842c69683953baaf9ec3a9a03454f4c607
Diffstat (limited to 'packages/SettingsProvider')
| -rw-r--r-- | packages/SettingsProvider/src/android/provider/settings/validators/GlobalSettingsValidators.java | 1 | ||||
| -rw-r--r-- | packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/packages/SettingsProvider/src/android/provider/settings/validators/GlobalSettingsValidators.java b/packages/SettingsProvider/src/android/provider/settings/validators/GlobalSettingsValidators.java index dd94d2eb8fe0..c559678d4005 100644 --- a/packages/SettingsProvider/src/android/provider/settings/validators/GlobalSettingsValidators.java +++ b/packages/SettingsProvider/src/android/provider/settings/validators/GlobalSettingsValidators.java @@ -149,5 +149,6 @@ public class GlobalSettingsValidators { VALIDATORS.put(Global.CUSTOM_BUGREPORT_HANDLER_APP, ANY_STRING_VALIDATOR); VALIDATORS.put(Global.CUSTOM_BUGREPORT_HANDLER_USER, ANY_INTEGER_VALIDATOR); VALIDATORS.put(Global.DEVELOPMENT_SETTINGS_ENABLED, BOOLEAN_VALIDATOR); + VALIDATORS.put(Global.RESTRICTED_NETWORKING_MODE, BOOLEAN_VALIDATOR); } } diff --git a/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java b/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java index 5ecb17102438..1345c3f071c7 100644 --- a/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java +++ b/packages/SettingsProvider/test/src/android/provider/SettingsBackupTest.java @@ -420,6 +420,7 @@ public class SettingsBackupTest { Settings.Global.RADIO_WIMAX, Settings.Global.RECOMMENDED_NETWORK_EVALUATOR_CACHE_EXPIRY_MS, Settings.Global.READ_EXTERNAL_STORAGE_ENFORCED_DEFAULT, + Settings.Global.RESTRICTED_NETWORKING_MODE, Settings.Global.REQUIRE_PASSWORD_TO_DECRYPT, Settings.Global.SAFE_BOOT_DISALLOWED, Settings.Global.SELINUX_STATUS, |