diff options
10 files changed, 228 insertions, 234 deletions
diff --git a/core/java/android/os/INetworkManagementService.aidl b/core/java/android/os/INetworkManagementService.aidl index 0cce19222d27..8f8d451bbe8e 100644 --- a/core/java/android/os/INetworkManagementService.aidl +++ b/core/java/android/os/INetworkManagementService.aidl @@ -287,8 +287,8 @@ interface INetworkManagementService /** * Control network activity of a UID over interfaces with a quota limit. */ - void setUidMeteredNetworkBlacklist(int uid, boolean enable); - void setUidMeteredNetworkWhitelist(int uid, boolean enable); + void setUidMeteredNetworkDenylist(int uid, boolean enable); + void setUidMeteredNetworkAllowlist(int uid, boolean enable); boolean setDataSaverModeEnabled(boolean enable); void setUidCleartextNetworkPolicy(int uid, int policy); diff --git a/services/core/java/com/android/server/NetworkManagementService.java b/services/core/java/com/android/server/NetworkManagementService.java index 0ddfa1c16a0a..97f3b373f63e 100644 --- a/services/core/java/com/android/server/NetworkManagementService.java +++ b/services/core/java/com/android/server/NetworkManagementService.java @@ -185,10 +185,10 @@ public class NetworkManagementService extends INetworkManagementService.Stub { /** Set of interfaces with active alerts. */ @GuardedBy("mQuotaLock") private HashMap<String, Long> mActiveAlerts = Maps.newHashMap(); - /** Set of UIDs blacklisted on metered networks. */ + /** Set of UIDs denylisted on metered networks. */ @GuardedBy("mRulesLock") private SparseBooleanArray mUidRejectOnMetered = new SparseBooleanArray(); - /** Set of UIDs whitelisted on metered networks. */ + /** Set of UIDs allowlisted on metered networks. */ @GuardedBy("mRulesLock") private SparseBooleanArray mUidAllowOnMetered = new SparseBooleanArray(); /** Set of UIDs with cleartext penalties. */ @@ -561,27 +561,27 @@ public class NetworkManagementService extends INetworkManagementService.Stub { synchronized (mRulesLock) { size = mUidRejectOnMetered.size(); if (size > 0) { - if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered blacklist rules"); + if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered denylist rules"); uidRejectOnQuota = mUidRejectOnMetered; mUidRejectOnMetered = new SparseBooleanArray(); } size = mUidAllowOnMetered.size(); if (size > 0) { - if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered whitelist rules"); + if (DBG) Slog.d(TAG, "Pushing " + size + " UIDs to metered allowlist rules"); uidAcceptOnQuota = mUidAllowOnMetered; mUidAllowOnMetered = new SparseBooleanArray(); } } if (uidRejectOnQuota != null) { for (int i = 0; i < uidRejectOnQuota.size(); i++) { - setUidMeteredNetworkBlacklist(uidRejectOnQuota.keyAt(i), + setUidMeteredNetworkDenylist(uidRejectOnQuota.keyAt(i), uidRejectOnQuota.valueAt(i)); } } if (uidAcceptOnQuota != null) { for (int i = 0; i < uidAcceptOnQuota.size(); i++) { - setUidMeteredNetworkWhitelist(uidAcceptOnQuota.keyAt(i), + setUidMeteredNetworkAllowlist(uidAcceptOnQuota.keyAt(i), uidAcceptOnQuota.valueAt(i)); } } @@ -1307,14 +1307,14 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } } - private void setUidOnMeteredNetworkList(int uid, boolean blacklist, boolean enable) { + private void setUidOnMeteredNetworkList(int uid, boolean denylist, boolean enable) { NetworkStack.checkNetworkStackPermission(mContext); synchronized (mQuotaLock) { boolean oldEnable; SparseBooleanArray quotaList; synchronized (mRulesLock) { - quotaList = blacklist ? mUidRejectOnMetered : mUidAllowOnMetered; + quotaList = denylist ? mUidRejectOnMetered : mUidAllowOnMetered; oldEnable = quotaList.get(uid, false); } if (oldEnable == enable) { @@ -1324,7 +1324,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "inetd bandwidth"); try { - if (blacklist) { + if (denylist) { if (enable) { mNetdService.bandwidthAddNaughtyApp(uid); } else { @@ -1353,12 +1353,12 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } @Override - public void setUidMeteredNetworkBlacklist(int uid, boolean enable) { + public void setUidMeteredNetworkDenylist(int uid, boolean enable) { setUidOnMeteredNetworkList(uid, true, enable); } @Override - public void setUidMeteredNetworkWhitelist(int uid, boolean enable) { + public void setUidMeteredNetworkAllowlist(int uid, boolean enable) { setUidOnMeteredNetworkList(uid, false, enable); } @@ -1626,7 +1626,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } } } - // Normally, whitelist chains only contain deny rules, so numUids == exemptUids.length. + // Normally, allowlist chains only contain deny rules, so numUids == exemptUids.length. // But the code does not guarantee this in any way, and at least in one case - if we add // a UID rule to the firewall, and then disable the firewall - the chains can contain // the wrong type of rule. In this case, don't close connections that we shouldn't. @@ -1691,7 +1691,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { // Close any sockets that were opened by the affected UIDs. This has to be done after // disabling network connectivity, in case they react to the socket close by reopening // the connection and race with the iptables commands that enable the firewall. All - // whitelist and blacklist chains allow RSTs through. + // allowlist and denylist chains allow RSTs through. if (enable) { closeSocketsForFirewallChainLocked(chain, chainName); } @@ -1828,7 +1828,7 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } else { ruleName = "deny"; } - } else { // Blacklist mode + } else { // Denylist mode if (rule == FIREWALL_RULE_DENY) { ruleName = "deny"; } else { @@ -1913,8 +1913,8 @@ public class NetworkManagementService extends INetworkManagementService.Stub { pw.print("Active alert ifaces: "); pw.println(mActiveAlerts.toString()); pw.print("Data saver mode: "); pw.println(mDataSaverMode); synchronized (mRulesLock) { - dumpUidRuleOnQuotaLocked(pw, "blacklist", mUidRejectOnMetered); - dumpUidRuleOnQuotaLocked(pw, "whitelist", mUidAllowOnMetered); + dumpUidRuleOnQuotaLocked(pw, "denylist", mUidRejectOnMetered); + dumpUidRuleOnQuotaLocked(pw, "allowlist", mUidAllowOnMetered); } } @@ -2179,9 +2179,9 @@ public class NetworkManagementService extends INetworkManagementService.Stub { } } - void setUidOnMeteredNetworkList(boolean blacklist, int uid, boolean enable) { + void setUidOnMeteredNetworkList(boolean denylist, int uid, boolean enable) { synchronized (mRulesLock) { - if (blacklist) { + if (denylist) { mUidRejectOnMetered.put(uid, enable); } else { mUidAllowOnMetered.put(uid, enable); diff --git a/services/core/java/com/android/server/net/NetworkPolicyLogger.java b/services/core/java/com/android/server/net/NetworkPolicyLogger.java index 6d82c1c257ab..217b965f4722 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyLogger.java +++ b/services/core/java/com/android/server/net/NetworkPolicyLogger.java @@ -68,9 +68,9 @@ public class NetworkPolicyLogger { static final int NTWK_BLOCKED_POWER = 0; static final int NTWK_ALLOWED_NON_METERED = 1; - static final int NTWK_BLOCKED_BLACKLIST = 2; - static final int NTWK_ALLOWED_WHITELIST = 3; - static final int NTWK_ALLOWED_TMP_WHITELIST = 4; + static final int NTWK_BLOCKED_DENYLIST = 2; + static final int NTWK_ALLOWED_ALLOWLIST = 3; + static final int NTWK_ALLOWED_TMP_ALLOWLIST = 4; static final int NTWK_BLOCKED_BG_RESTRICT = 5; static final int NTWK_ALLOWED_DEFAULT = 6; static final int NTWK_ALLOWED_SYSTEM = 7; @@ -226,12 +226,12 @@ public class NetworkPolicyLogger { return "blocked by power restrictions"; case NTWK_ALLOWED_NON_METERED: return "allowed on unmetered network"; - case NTWK_BLOCKED_BLACKLIST: - return "blacklisted on metered network"; - case NTWK_ALLOWED_WHITELIST: - return "whitelisted on metered network"; - case NTWK_ALLOWED_TMP_WHITELIST: - return "temporary whitelisted on metered network"; + case NTWK_BLOCKED_DENYLIST: + return "denylisted on metered network"; + case NTWK_ALLOWED_ALLOWLIST: + return "allowlisted on metered network"; + case NTWK_ALLOWED_TMP_ALLOWLIST: + return "temporary allowlisted on metered network"; case NTWK_BLOCKED_BG_RESTRICT: return "blocked when background is restricted"; case NTWK_ALLOWED_DEFAULT: diff --git a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java index 22ed661b03c0..0b01d9ed2a17 100644 --- a/services/core/java/com/android/server/net/NetworkPolicyManagerService.java +++ b/services/core/java/com/android/server/net/NetworkPolicyManagerService.java @@ -101,13 +101,13 @@ import static com.android.internal.util.XmlUtils.writeIntAttribute; import static com.android.internal.util.XmlUtils.writeLongAttribute; import static com.android.internal.util.XmlUtils.writeStringAttribute; import static com.android.server.NetworkManagementService.LIMIT_GLOBAL_ALERT; +import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_ALLOWLIST; import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_DEFAULT; import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_NON_METERED; import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_SYSTEM; -import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_TMP_WHITELIST; -import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_WHITELIST; +import static com.android.server.net.NetworkPolicyLogger.NTWK_ALLOWED_TMP_ALLOWLIST; import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_BG_RESTRICT; -import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_BLACKLIST; +import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_DENYLIST; import static com.android.server.net.NetworkPolicyLogger.NTWK_BLOCKED_POWER; import static com.android.server.net.NetworkStatsService.ACTION_NETWORK_STATS_UPDATED; @@ -503,7 +503,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { * UIDs that have been initially white-listed by system to avoid restricted background. */ @GuardedBy("mUidRulesFirstLock") - private final SparseBooleanArray mDefaultRestrictBackgroundWhitelistUids = + private final SparseBooleanArray mDefaultRestrictBackgroundAllowlistUids = new SparseBooleanArray(); /** @@ -511,7 +511,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { * but later revoked by user. */ @GuardedBy("mUidRulesFirstLock") - private final SparseBooleanArray mRestrictBackgroundWhitelistRevokedUids = + private final SparseBooleanArray mRestrictBackgroundAllowlistRevokedUids = new SparseBooleanArray(); /** Set of ifaces that are metered. */ @@ -667,26 +667,26 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } /** - * Whitelists pre-defined apps for restrict background, but only if the user didn't already - * revoke the whitelist. + * Allows pre-defined apps for restrict background, but only if the user didn't already + * revoked them. * - * @return whether any uid has been whitelisted. + * @return whether any uid has been allowlisted. */ @GuardedBy("mUidRulesFirstLock") - boolean addDefaultRestrictBackgroundWhitelistUidsUL() { + boolean addDefaultRestrictBackgroundAllowlistUidsUL() { final List<UserInfo> users = mUserManager.getUsers(); final int numberUsers = users.size(); boolean changed = false; for (int i = 0; i < numberUsers; i++) { final UserInfo user = users.get(i); - changed = addDefaultRestrictBackgroundWhitelistUidsUL(user.id) || changed; + changed = addDefaultRestrictBackgroundAllowlistUidsUL(user.id) || changed; } return changed; } @GuardedBy("mUidRulesFirstLock") - private boolean addDefaultRestrictBackgroundWhitelistUidsUL(int userId) { + private boolean addDefaultRestrictBackgroundAllowlistUidsUL(int userId) { final SystemConfig sysConfig = SystemConfig.getInstance(); final PackageManager pm = mContext.getPackageManager(); final ArraySet<String> allowDataUsage = sysConfig.getAllowInDataUsageSave(); @@ -694,7 +694,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { for (int i = 0; i < allowDataUsage.size(); i++) { final String pkg = allowDataUsage.valueAt(i); if (LOGD) - Slog.d(TAG, "checking restricted background whitelisting for package " + pkg + Slog.d(TAG, "checking restricted background allowlisting for package " + pkg + " and user " + userId); final ApplicationInfo app; try { @@ -705,20 +705,20 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { continue; } if (!app.isPrivilegedApp()) { - Slog.e(TAG, "addDefaultRestrictBackgroundWhitelistUidsUL(): " + Slog.e(TAG, "addDefaultRestrictBackgroundAllowlistUidsUL(): " + "skipping non-privileged app " + pkg); continue; } final int uid = UserHandle.getUid(userId, app.uid); - mDefaultRestrictBackgroundWhitelistUids.append(uid, true); + mDefaultRestrictBackgroundAllowlistUids.append(uid, true); if (LOGD) Slog.d(TAG, "Adding uid " + uid + " (user " + userId + ") to default restricted " - + "background whitelist. Revoked status: " - + mRestrictBackgroundWhitelistRevokedUids.get(uid)); - if (!mRestrictBackgroundWhitelistRevokedUids.get(uid)) { + + "background allowlist. Revoked status: " + + mRestrictBackgroundAllowlistRevokedUids.get(uid)); + if (!mRestrictBackgroundAllowlistRevokedUids.get(uid)) { if (LOGD) Slog.d(TAG, "adding default package " + pkg + " (uid " + uid + " for user " - + userId + ") to restrict background whitelist"); + + userId + ") to restrict background allowlist"); setUidPolicyUncheckedUL(uid, POLICY_ALLOW_METERED_BACKGROUND, false); changed = true; } @@ -799,7 +799,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } }); - if (addDefaultRestrictBackgroundWhitelistUidsUL()) { + if (addDefaultRestrictBackgroundAllowlistUidsUL()) { writePolicyAL(); } @@ -999,14 +999,14 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { case ACTION_USER_ADDED: synchronized (mUidRulesFirstLock) { // Remove any persistable state for the given user; both cleaning up after a - // USER_REMOVED, and one last sanity check during USER_ADDED + // USER_REMOVED, and one last check during USER_ADDED removeUserStateUL(userId, true); // Removing outside removeUserStateUL since that can also be called when // user resets app preferences. mMeteredRestrictedUids.remove(userId); if (action == ACTION_USER_ADDED) { - // Add apps that are whitelisted by default. - addDefaultRestrictBackgroundWhitelistUidsUL(userId); + // Add apps that are allowlisted by default. + addDefaultRestrictBackgroundAllowlistUidsUL(userId); } // Update global restrict for that user synchronized (mNetworkPoliciesSecondLock) { @@ -2189,12 +2189,12 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { in.setInput(fis, StandardCharsets.UTF_8.name()); // Must save the <restrict-background> tags and convert them to <uid-policy> later, - // to skip UIDs that were explicitly blacklisted. - final SparseBooleanArray whitelistedRestrictBackground = new SparseBooleanArray(); + // to skip UIDs that were explicitly denylisted. + final SparseBooleanArray allowlistedRestrictBackground = new SparseBooleanArray(); int type; int version = VERSION_INIT; - boolean insideWhitelist = false; + boolean insideAllowlist = false; while ((type = in.next()) != END_DOCUMENT) { final String tag = in.getName(); if (type == START_TAG) { @@ -2333,28 +2333,28 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { Slog.w(TAG, "unable to apply policy to UID " + uid + "; ignoring"); } } else if (TAG_WHITELIST.equals(tag)) { - insideWhitelist = true; - } else if (TAG_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) { + insideAllowlist = true; + } else if (TAG_RESTRICT_BACKGROUND.equals(tag) && insideAllowlist) { final int uid = readIntAttribute(in, ATTR_UID); - whitelistedRestrictBackground.append(uid, true); - } else if (TAG_REVOKED_RESTRICT_BACKGROUND.equals(tag) && insideWhitelist) { + allowlistedRestrictBackground.append(uid, true); + } else if (TAG_REVOKED_RESTRICT_BACKGROUND.equals(tag) && insideAllowlist) { final int uid = readIntAttribute(in, ATTR_UID); - mRestrictBackgroundWhitelistRevokedUids.put(uid, true); + mRestrictBackgroundAllowlistRevokedUids.put(uid, true); } } else if (type == END_TAG) { if (TAG_WHITELIST.equals(tag)) { - insideWhitelist = false; + insideAllowlist = false; } } } - final int size = whitelistedRestrictBackground.size(); + final int size = allowlistedRestrictBackground.size(); for (int i = 0; i < size; i++) { - final int uid = whitelistedRestrictBackground.keyAt(i); + final int uid = allowlistedRestrictBackground.keyAt(i); final int policy = mUidPolicy.get(uid, POLICY_NONE); if ((policy & POLICY_REJECT_METERED_BACKGROUND) != 0) { - Slog.w(TAG, "ignoring restrict-background-whitelist for " + uid + Slog.w(TAG, "ignoring restrict-background-allowlist for " + uid + " because its policy is " + uidPoliciesToString(policy)); continue; } @@ -2526,13 +2526,13 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { out.endTag(null, TAG_POLICY_LIST); - // write all whitelists + // write all allowlists out.startTag(null, TAG_WHITELIST); - // revoked restrict background whitelist - int size = mRestrictBackgroundWhitelistRevokedUids.size(); + // revoked restrict background allowlist + int size = mRestrictBackgroundAllowlistRevokedUids.size(); for (int i = 0; i < size; i++) { - final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i); + final int uid = mRestrictBackgroundAllowlistRevokedUids.keyAt(i); out.startTag(null, TAG_REVOKED_RESTRICT_BACKGROUND); writeIntAttribute(out, ATTR_UID, uid); out.endTag(null, TAG_REVOKED_RESTRICT_BACKGROUND); @@ -2612,21 +2612,21 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { setUidPolicyUncheckedUL(uid, policy, false); final boolean notifyApp; - if (!isUidValidForWhitelistRules(uid)) { + if (!isUidValidForAllowlistRules(uid)) { notifyApp = false; } else { - final boolean wasBlacklisted = oldPolicy == POLICY_REJECT_METERED_BACKGROUND; - final boolean isBlacklisted = policy == POLICY_REJECT_METERED_BACKGROUND; - final boolean wasWhitelisted = oldPolicy == POLICY_ALLOW_METERED_BACKGROUND; - final boolean isWhitelisted = policy == POLICY_ALLOW_METERED_BACKGROUND; - final boolean wasBlocked = wasBlacklisted || (mRestrictBackground && !wasWhitelisted); - final boolean isBlocked = isBlacklisted || (mRestrictBackground && !isWhitelisted); - if ((wasWhitelisted && (!isWhitelisted || isBlacklisted)) - && mDefaultRestrictBackgroundWhitelistUids.get(uid) - && !mRestrictBackgroundWhitelistRevokedUids.get(uid)) { + final boolean wasDenylisted = oldPolicy == POLICY_REJECT_METERED_BACKGROUND; + final boolean isDenylisted = policy == POLICY_REJECT_METERED_BACKGROUND; + final boolean wasAllowlisted = oldPolicy == POLICY_ALLOW_METERED_BACKGROUND; + final boolean isAllowlisted = policy == POLICY_ALLOW_METERED_BACKGROUND; + final boolean wasBlocked = wasDenylisted || (mRestrictBackground && !wasAllowlisted); + final boolean isBlocked = isDenylisted || (mRestrictBackground && !isAllowlisted); + if ((wasAllowlisted && (!isAllowlisted || isDenylisted)) + && mDefaultRestrictBackgroundAllowlistUids.get(uid) + && !mRestrictBackgroundAllowlistRevokedUids.get(uid)) { if (LOGD) - Slog.d(TAG, "Adding uid " + uid + " to revoked restrict background whitelist"); - mRestrictBackgroundWhitelistRevokedUids.append(uid, true); + Slog.d(TAG, "Adding uid " + uid + " to revoked restrict background allowlist"); + mRestrictBackgroundAllowlistRevokedUids.append(uid, true); } notifyApp = wasBlocked != isBlocked; } @@ -2693,11 +2693,11 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { mLogger.removingUserState(userId); boolean changed = false; - // Remove entries from revoked default restricted background UID whitelist - for (int i = mRestrictBackgroundWhitelistRevokedUids.size() - 1; i >= 0; i--) { - final int uid = mRestrictBackgroundWhitelistRevokedUids.keyAt(i); + // Remove entries from revoked default restricted background UID allowlist + for (int i = mRestrictBackgroundAllowlistRevokedUids.size() - 1; i >= 0; i--) { + final int uid = mRestrictBackgroundAllowlistRevokedUids.keyAt(i); if (UserHandle.getUserId(uid) == userId) { - mRestrictBackgroundWhitelistRevokedUids.removeAt(i); + mRestrictBackgroundAllowlistRevokedUids.removeAt(i); changed = true; } } @@ -2903,7 +2903,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { Slog.d(TAG, "setRestrictBackgroundUL(): " + restrictBackground); final boolean oldRestrictBackground = mRestrictBackground; mRestrictBackground = restrictBackground; - // Must whitelist foreground apps before turning data saver mode on. + // Must allowlist foreground apps before turning data saver mode on. // TODO: there is no need to iterate through all apps here, just those in the foreground, // so it could call AM to get the UIDs of such apps, and iterate through them instead. updateRulesForRestrictBackgroundUL(); @@ -2956,7 +2956,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { Binder.restoreCallingIdentity(token); } if (policy == POLICY_REJECT_METERED_BACKGROUND) { - // App is blacklisted. + // App is denylisted. return RESTRICT_BACKGROUND_STATUS_ENABLED; } if (!mRestrictBackground) { @@ -3526,25 +3526,25 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { fout.decreaseIndent(); } - size = mDefaultRestrictBackgroundWhitelistUids.size(); + size = mDefaultRestrictBackgroundAllowlistUids.size(); if (size > 0) { - fout.println("Default restrict background whitelist uids:"); + fout.println("Default restrict background allowlist uids:"); fout.increaseIndent(); for (int i = 0; i < size; i++) { fout.print("UID="); - fout.print(mDefaultRestrictBackgroundWhitelistUids.keyAt(i)); + fout.print(mDefaultRestrictBackgroundAllowlistUids.keyAt(i)); fout.println(); } fout.decreaseIndent(); } - size = mRestrictBackgroundWhitelistRevokedUids.size(); + size = mRestrictBackgroundAllowlistRevokedUids.size(); if (size > 0) { - fout.println("Default restrict background whitelist uids revoked by users:"); + fout.println("Default restrict background allowlist uids revoked by users:"); fout.increaseIndent(); for (int i = 0; i < size; i++) { fout.print("UID="); - fout.print(mRestrictBackgroundWhitelistRevokedUids.keyAt(i)); + fout.print(mRestrictBackgroundAllowlistRevokedUids.keyAt(i)); fout.println(); } fout.decreaseIndent(); @@ -3861,7 +3861,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { @GuardedBy("mUidRulesFirstLock") void updateRuleForAppIdleUL(int uid) { - if (!isUidValidForBlacklistRules(uid)) return; + if (!isUidValidForDenylistRules(uid)) return; if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { Trace.traceBegin(Trace.TRACE_TAG_NETWORK, "updateRuleForAppIdleUL: " + uid ); @@ -3897,7 +3897,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { int oldRules = mUidRules.get(uid); if (enableChain) { // Chain wasn't enabled before and the other power-related - // chains are whitelists, so we can clear the + // chains are allowlists, so we can clear the // MASK_ALL_NETWORKS part of the rules and re-inform listeners if // the effective rules result in blocking network access. oldRules &= MASK_METERED_NETWORKS; @@ -4043,7 +4043,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { // TODO: the MEDIA / DRM restriction might not be needed anymore, in which case both // methods below could be merged into a isUidValidForRules() method. - private boolean isUidValidForBlacklistRules(int uid) { + private boolean isUidValidForDenylistRules(int uid) { // allow rules on specific system services, and any apps if (uid == android.os.Process.MEDIA_UID || uid == android.os.Process.DRM_UID || (UserHandle.isApp(uid) && hasInternetPermissions(uid))) { @@ -4053,7 +4053,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { return false; } - private boolean isUidValidForWhitelistRules(int uid) { + private boolean isUidValidForAllowlistRules(int uid) { return UserHandle.isApp(uid) && hasInternetPermissions(uid); } @@ -4190,23 +4190,23 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { /** * Applies network rules to bandwidth controllers based on process state and user-defined - * restrictions (blacklist / whitelist). + * restrictions (allowlist / denylist). * * <p> * {@code netd} defines 3 firewall chains that govern whether an app has access to metered * networks: * <ul> - * <li>@{code bw_penalty_box}: UIDs added to this chain do not have access (blacklist). - * <li>@{code bw_happy_box}: UIDs added to this chain have access (whitelist), unless they're - * also blacklisted. + * <li>@{code bw_penalty_box}: UIDs added to this chain do not have access (denylist). + * <li>@{code bw_happy_box}: UIDs added to this chain have access (allowlist), unless they're + * also denylisted. * <li>@{code bw_data_saver}: when enabled (through {@link #setRestrictBackground(boolean)}), - * no UIDs other than those whitelisted will have access. + * no UIDs other than those allowlisted will have access. * <ul> * * <p>The @{code bw_penalty_box} and @{code bw_happy_box} are primarily managed through the - * {@link #setUidPolicy(int, int)} and {@link #addRestrictBackgroundWhitelistedUid(int)} / - * {@link #removeRestrictBackgroundWhitelistedUid(int)} methods (for blacklist and whitelist - * respectively): these methods set the proper internal state (blacklist / whitelist), then call + * {@link #setUidPolicy(int, int)} and {@link #addRestrictBackgroundAllowlistedUid(int)} / + * {@link #removeRestrictBackgroundDenylistedUid(int)} methods (for denylist and allowlist + * respectively): these methods set the proper internal state (denylist / allowlist), then call * this ({@link #updateRulesForDataUsageRestrictionsUL(int)}) to propagate the rules to * {@link INetworkManagementService}, but this method should also be called in events (like * Data Saver Mode flips or UID state changes) that might affect the foreground app, since the @@ -4215,7 +4215,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { * <ul> * <li>When Data Saver mode is on, the foreground app should be temporarily added to * {@code bw_happy_box} before the @{code bw_data_saver} chain is enabled. - * <li>If the foreground app is blacklisted by the user, it should be temporarily removed from + * <li>If the foreground app is denylisted by the user, it should be temporarily removed from * {@code bw_penalty_box}. * <li>When the app leaves foreground state, the temporary changes above should be reverted. * </ul> @@ -4240,7 +4240,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } private void updateRulesForDataUsageRestrictionsULInner(int uid) { - if (!isUidValidForWhitelistRules(uid)) { + if (!isUidValidForAllowlistRules(uid)) { if (LOGD) Slog.d(TAG, "no need to update restrict data rules for uid " + uid); return; } @@ -4250,8 +4250,8 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { final boolean isForeground = isUidForegroundOnRestrictBackgroundUL(uid); final boolean isRestrictedByAdmin = isRestrictedByAdminUL(uid); - final boolean isBlacklisted = (uidPolicy & POLICY_REJECT_METERED_BACKGROUND) != 0; - final boolean isWhitelisted = (uidPolicy & POLICY_ALLOW_METERED_BACKGROUND) != 0; + final boolean isDenylisted = (uidPolicy & POLICY_REJECT_METERED_BACKGROUND) != 0; + final boolean isAllowlisted = (uidPolicy & POLICY_ALLOW_METERED_BACKGROUND) != 0; final int oldRule = oldUidRules & MASK_METERED_NETWORKS; int newRule = RULE_NONE; @@ -4259,15 +4259,15 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { if (isRestrictedByAdmin) { newRule = RULE_REJECT_METERED; } else if (isForeground) { - if (isBlacklisted || (mRestrictBackground && !isWhitelisted)) { + if (isDenylisted || (mRestrictBackground && !isAllowlisted)) { newRule = RULE_TEMPORARY_ALLOW_METERED; - } else if (isWhitelisted) { + } else if (isAllowlisted) { newRule = RULE_ALLOW_METERED; } } else { - if (isBlacklisted) { + if (isDenylisted) { newRule = RULE_REJECT_METERED; - } else if (mRestrictBackground && isWhitelisted) { + } else if (mRestrictBackground && isAllowlisted) { newRule = RULE_ALLOW_METERED; } } @@ -4276,8 +4276,8 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { if (LOGV) { Log.v(TAG, "updateRuleForRestrictBackgroundUL(" + uid + ")" + ": isForeground=" +isForeground - + ", isBlacklisted=" + isBlacklisted - + ", isWhitelisted=" + isWhitelisted + + ", isDenylisted=" + isDenylisted + + ", isAllowlisted=" + isAllowlisted + ", isRestrictedByAdmin=" + isRestrictedByAdmin + ", oldRule=" + uidRulesToString(oldRule) + ", newRule=" + uidRulesToString(newRule) @@ -4294,49 +4294,49 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { // Second step: apply bw changes based on change of state. if (newRule != oldRule) { if (hasRule(newRule, RULE_TEMPORARY_ALLOW_METERED)) { - // Temporarily whitelist foreground app, removing from blacklist if necessary + // Temporarily allowlist foreground app, removing from denylist if necessary // (since bw_penalty_box prevails over bw_happy_box). - setMeteredNetworkWhitelist(uid, true); + setMeteredNetworkAllowlist(uid, true); // TODO: if statement below is used to avoid an unnecessary call to netd / iptables, // but ideally it should be just: - // setMeteredNetworkBlacklist(uid, isBlacklisted); - if (isBlacklisted) { - setMeteredNetworkBlacklist(uid, false); + // setMeteredNetworkDenylist(uid, isDenylisted); + if (isDenylisted) { + setMeteredNetworkDenylist(uid, false); } } else if (hasRule(oldRule, RULE_TEMPORARY_ALLOW_METERED)) { - // Remove temporary whitelist from app that is not on foreground anymore. + // Remove temporary allowlist from app that is not on foreground anymore. // TODO: if statements below are used to avoid unnecessary calls to netd / iptables, // but ideally they should be just: - // setMeteredNetworkWhitelist(uid, isWhitelisted); - // setMeteredNetworkBlacklist(uid, isBlacklisted); - if (!isWhitelisted) { - setMeteredNetworkWhitelist(uid, false); + // setMeteredNetworkAllowlist(uid, isAllowlisted); + // setMeteredNetworkDenylist(uid, isDenylisted); + if (!isAllowlisted) { + setMeteredNetworkAllowlist(uid, false); } - if (isBlacklisted || isRestrictedByAdmin) { - setMeteredNetworkBlacklist(uid, true); + if (isDenylisted || isRestrictedByAdmin) { + setMeteredNetworkDenylist(uid, true); } } else if (hasRule(newRule, RULE_REJECT_METERED) || hasRule(oldRule, RULE_REJECT_METERED)) { - // Flip state because app was explicitly added or removed to blacklist. - setMeteredNetworkBlacklist(uid, (isBlacklisted || isRestrictedByAdmin)); - if (hasRule(oldRule, RULE_REJECT_METERED) && isWhitelisted) { - // Since blacklist prevails over whitelist, we need to handle the special case - // where app is whitelisted and blacklisted at the same time (although such - // scenario should be blocked by the UI), then blacklist is removed. - setMeteredNetworkWhitelist(uid, isWhitelisted); + // Flip state because app was explicitly added or removed to denylist. + setMeteredNetworkDenylist(uid, (isDenylisted || isRestrictedByAdmin)); + if (hasRule(oldRule, RULE_REJECT_METERED) && isAllowlisted) { + // Since dneylist prevails over allowlist, we need to handle the special case + // where app is allowlisted and denylisted at the same time (although such + // scenario should be blocked by the UI), then denylist is removed. + setMeteredNetworkAllowlist(uid, isAllowlisted); } } else if (hasRule(newRule, RULE_ALLOW_METERED) || hasRule(oldRule, RULE_ALLOW_METERED)) { - // Flip state because app was explicitly added or removed to whitelist. - setMeteredNetworkWhitelist(uid, isWhitelisted); + // Flip state because app was explicitly added or removed to allowlist. + setMeteredNetworkAllowlist(uid, isAllowlisted); } else { // All scenarios should have been covered above. Log.wtf(TAG, "Unexpected change of metered UID state for " + uid + ": foreground=" + isForeground - + ", whitelisted=" + isWhitelisted - + ", blacklisted=" + isBlacklisted + + ", allowlisted=" + isAllowlisted + + ", denylisted=" + isDenylisted + ", isRestrictedByAdmin=" + isRestrictedByAdmin + ", newRule=" + uidRulesToString(newUidRules) + ", oldRule=" + uidRulesToString(oldUidRules)); @@ -4352,7 +4352,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { * listeners in case of change. * <p> * There are 3 power-related rules that affects whether an app has background access on - * non-metered networks, and when the condition applies and the UID is not whitelisted for power + * non-metered networks, and when the condition applies and the UID is not allowlisted for power * restriction, it's added to the equivalent firewall chain: * <ul> * <li>App is idle: {@code fw_standby} firewall chain. @@ -4361,7 +4361,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { * </ul> * <p> * This method updates the power-related part of the {@link #mUidRules} for a given uid based on - * these modes, the UID process state (foreground or not), and the UIDwhitelist state. + * these modes, the UID process state (foreground or not), and the UID allowlist state. * <p> * <strong>NOTE: </strong>This method does not update the firewall rules on {@code netd}. */ @@ -4401,7 +4401,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } private int updateRulesForPowerRestrictionsULInner(int uid, int oldUidRules, boolean paroled) { - if (!isUidValidForBlacklistRules(uid)) { + if (!isUidValidForDenylistRules(uid)) { if (LOGD) Slog.d(TAG, "no need to update restrict power rules for uid " + uid); return RULE_NONE; } @@ -4813,23 +4813,23 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } } - private void setMeteredNetworkBlacklist(int uid, boolean enable) { - if (LOGV) Slog.v(TAG, "setMeteredNetworkBlacklist " + uid + ": " + enable); + private void setMeteredNetworkDenylist(int uid, boolean enable) { + if (LOGV) Slog.v(TAG, "setMeteredNetworkDenylist " + uid + ": " + enable); try { - mNetworkManager.setUidMeteredNetworkBlacklist(uid, enable); + mNetworkManager.setUidMeteredNetworkDenylist(uid, enable); } catch (IllegalStateException e) { - Log.wtf(TAG, "problem setting blacklist (" + enable + ") rules for " + uid, e); + Log.wtf(TAG, "problem setting denylist (" + enable + ") rules for " + uid, e); } catch (RemoteException e) { // ignored; service lives in system_server } } - private void setMeteredNetworkWhitelist(int uid, boolean enable) { - if (LOGV) Slog.v(TAG, "setMeteredNetworkWhitelist " + uid + ": " + enable); + private void setMeteredNetworkAllowlist(int uid, boolean enable) { + if (LOGV) Slog.v(TAG, "setMeteredNetworkAllowlist " + uid + ": " + enable); try { - mNetworkManager.setUidMeteredNetworkWhitelist(uid, enable); + mNetworkManager.setUidMeteredNetworkAllowlist(uid, enable); } catch (IllegalStateException e) { - Log.wtf(TAG, "problem setting whitelist (" + enable + ") rules for " + uid, e); + Log.wtf(TAG, "problem setting allowlist (" + enable + ") rules for " + uid, e); } catch (RemoteException e) { // ignored; service lives in system_server } @@ -4890,7 +4890,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } /** - * Add or remove a uid to the firewall blacklist for all network ifaces. + * Add or remove a uid to the firewall denylist for all network ifaces. */ private void setUidFirewallRule(int chain, int uid, int rule) { if (Trace.isTagEnabled(Trace.TRACE_TAG_NETWORK)) { @@ -4920,7 +4920,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { } /** - * Add or remove a uid to the firewall blacklist for all network ifaces. + * Add or remove a uid to the firewall denylist for all network ifaces. */ @GuardedBy("mUidRulesFirstLock") private void enableFirewallChainUL(int chain, boolean enable) { @@ -4949,8 +4949,8 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { mNetworkManager.setFirewallUidRule(FIREWALL_CHAIN_STANDBY, uid, FIREWALL_RULE_DEFAULT); mNetworkManager .setFirewallUidRule(FIREWALL_CHAIN_POWERSAVE, uid, FIREWALL_RULE_DEFAULT); - mNetworkManager.setUidMeteredNetworkWhitelist(uid, false); - mNetworkManager.setUidMeteredNetworkBlacklist(uid, false); + mNetworkManager.setUidMeteredNetworkAllowlist(uid, false); + mNetworkManager.setUidMeteredNetworkDenylist(uid, false); } catch (IllegalStateException e) { Log.wtf(TAG, "problem resetting firewall uid rules for " + uid, e); } catch (RemoteException e) { @@ -5139,13 +5139,13 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { reason = NTWK_ALLOWED_NON_METERED; } else if (hasRule(uidRules, RULE_REJECT_METERED)) { - reason = NTWK_BLOCKED_BLACKLIST; + reason = NTWK_BLOCKED_DENYLIST; } else if (hasRule(uidRules, RULE_ALLOW_METERED)) { - reason = NTWK_ALLOWED_WHITELIST; + reason = NTWK_ALLOWED_ALLOWLIST; } else if (hasRule(uidRules, RULE_TEMPORARY_ALLOW_METERED)) { - reason = NTWK_ALLOWED_TMP_WHITELIST; + reason = NTWK_ALLOWED_TMP_ALLOWLIST; } else if (isBackgroundRestricted) { reason = NTWK_BLOCKED_BG_RESTRICT; @@ -5158,13 +5158,13 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { switch(reason) { case NTWK_ALLOWED_DEFAULT: case NTWK_ALLOWED_NON_METERED: - case NTWK_ALLOWED_TMP_WHITELIST: - case NTWK_ALLOWED_WHITELIST: + case NTWK_ALLOWED_TMP_ALLOWLIST: + case NTWK_ALLOWED_ALLOWLIST: case NTWK_ALLOWED_SYSTEM: blocked = false; break; case NTWK_BLOCKED_POWER: - case NTWK_BLOCKED_BLACKLIST: + case NTWK_BLOCKED_DENYLIST: case NTWK_BLOCKED_BG_RESTRICT: blocked = true; break; @@ -5184,7 +5184,7 @@ public class NetworkPolicyManagerService extends INetworkPolicyManager.Stub { public void resetUserState(int userId) { synchronized (mUidRulesFirstLock) { boolean changed = removeUserStateUL(userId, false); - changed = addDefaultRestrictBackgroundWhitelistUidsUL(userId) || changed; + changed = addDefaultRestrictBackgroundAllowlistUidsUL(userId) || changed; if (changed) { synchronized (mNetworkPoliciesSecondLock) { writePolicyAL(); diff --git a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/restrict-background-lists-whitelist-format.xml b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/restrict-background-lists-allowlist-format.xml index 597600303acb..597600303acb 100644 --- a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/restrict-background-lists-whitelist-format.xml +++ b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/restrict-background-lists-allowlist-format.xml diff --git a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-whitelisted-restrict-background-off.xml b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-allowlisted-restrict-background-off.xml index 196ca28192e4..196ca28192e4 100644 --- a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-whitelisted-restrict-background-off.xml +++ b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-allowlisted-restrict-background-off.xml diff --git a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-whitelisted-restrict-background-on.xml b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-allowlisted-restrict-background-on.xml index 4b7724c05d8d..4b7724c05d8d 100644 --- a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-whitelisted-restrict-background-on.xml +++ b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-allowlisted-restrict-background-on.xml diff --git a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-blacklisted-restrict-background-off.xml b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-denylisted-restrict-background-off.xml index 5b1c03ce170e..5b1c03ce170e 100644 --- a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-blacklisted-restrict-background-off.xml +++ b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-denylisted-restrict-background-off.xml diff --git a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-blacklisted-restrict-background-on.xml b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-denylisted-restrict-background-on.xml index bec2371cff6f..bec2371cff6f 100644 --- a/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-blacklisted-restrict-background-on.xml +++ b/services/tests/servicestests/assets/NetworkPolicyManagerServiceTest/netpolicy/uidA-denylisted-restrict-background-on.xml diff --git a/services/tests/servicestests/src/com/android/server/net/NetworkPolicyManagerServiceTest.java b/services/tests/servicestests/src/com/android/server/net/NetworkPolicyManagerServiceTest.java index f1662ff952f2..287d4a15a526 100644 --- a/services/tests/servicestests/src/com/android/server/net/NetworkPolicyManagerServiceTest.java +++ b/services/tests/servicestests/src/com/android/server/net/NetworkPolicyManagerServiceTest.java @@ -455,7 +455,7 @@ public class NetworkPolicyManagerServiceTest { @Test public void testTurnRestrictBackgroundOn() throws Exception { - assertRestrictBackgroundOff(); // Sanity check. + assertRestrictBackgroundOff(); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); setRestrictBackground(true); assertRestrictBackgroundChangedReceived(futureIntent, null); @@ -464,7 +464,7 @@ public class NetworkPolicyManagerServiceTest { @Test @NetPolicyXml("restrict-background-on.xml") public void testTurnRestrictBackgroundOff() throws Exception { - assertRestrictBackgroundOn(); // Sanity check. + assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); setRestrictBackground(false); @@ -472,28 +472,27 @@ public class NetworkPolicyManagerServiceTest { } /** - * Adds whitelist when restrict background is on - app should receive an intent. + * Adds allowlist when restrict background is on - app should receive an intent. */ @Test @NetPolicyXml("restrict-background-on.xml") - public void testAddRestrictBackgroundWhitelist_restrictBackgroundOn() throws Exception { - assertRestrictBackgroundOn(); // Sanity check. + public void testAddRestrictBackgroundAllowlist_restrictBackgroundOn() throws Exception { + assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); - addRestrictBackgroundWhitelist(true); + addRestrictBackgroundAllowlist(true); } /** - * Adds whitelist when restrict background is off - app should not receive an intent. + * Adds allowlist when restrict background is off - app should not receive an intent. */ @Test - public void testAddRestrictBackgroundWhitelist_restrictBackgroundOff() throws Exception { - assertRestrictBackgroundOff(); // Sanity check. - addRestrictBackgroundWhitelist(false); + public void testAddRestrictBackgroundAllowlist_restrictBackgroundOff() throws Exception { + assertRestrictBackgroundOff(); + addRestrictBackgroundAllowlist(false); } - private void addRestrictBackgroundWhitelist(boolean expectIntent) throws Exception { - // Sanity checks. - assertWhitelistUids(); + private void addRestrictBackgroundAllowlist(boolean expectIntent) throws Exception { + assertAllowlistUids(); assertUidPolicy(UID_A, POLICY_NONE); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); @@ -501,7 +500,7 @@ public class NetworkPolicyManagerServiceTest { mService.setUidPolicy(UID_A, POLICY_ALLOW_METERED_BACKGROUND); - assertWhitelistUids(UID_A); + assertAllowlistUids(UID_A); assertUidPolicy(UID_A, POLICY_ALLOW_METERED_BACKGROUND); mPolicyListener.waitAndVerify() .onUidPoliciesChanged(APP_ID_A, POLICY_ALLOW_METERED_BACKGROUND); @@ -513,24 +512,24 @@ public class NetworkPolicyManagerServiceTest { } /** - * Removes whitelist when restrict background is on - app should receive an intent. + * Removes allowlist when restrict background is on - app should receive an intent. */ @Test - @NetPolicyXml("uidA-whitelisted-restrict-background-on.xml") - public void testRemoveRestrictBackgroundWhitelist_restrictBackgroundOn() throws Exception { - assertRestrictBackgroundOn(); // Sanity check. + @NetPolicyXml("uidA-allowlisted-restrict-background-on.xml") + public void testRemoveRestrictBackgroundAllowlist_restrictBackgroundOn() throws Exception { + assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); - removeRestrictBackgroundWhitelist(true); + removeRestrictBackgroundAllowlist(true); } /** - * Removes whitelist when restrict background is off - app should not receive an intent. + * Removes allowlist when restrict background is off - app should not receive an intent. */ @Test - @NetPolicyXml("uidA-whitelisted-restrict-background-off.xml") - public void testRemoveRestrictBackgroundWhitelist_restrictBackgroundOff() throws Exception { - assertRestrictBackgroundOff(); // Sanity check. - removeRestrictBackgroundWhitelist(false); + @NetPolicyXml("uidA-allowlisted-restrict-background-off.xml") + public void testRemoveRestrictBackgroundAllowlist_restrictBackgroundOff() throws Exception { + assertRestrictBackgroundOff(); + removeRestrictBackgroundAllowlist(false); } @Test @@ -611,9 +610,8 @@ public class NetworkPolicyManagerServiceTest { assertFalse(mService.getRestrictBackground()); } - private void removeRestrictBackgroundWhitelist(boolean expectIntent) throws Exception { - // Sanity checks. - assertWhitelistUids(UID_A); + private void removeRestrictBackgroundAllowlist(boolean expectIntent) throws Exception { + assertAllowlistUids(UID_A); assertUidPolicy(UID_A, POLICY_ALLOW_METERED_BACKGROUND); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); @@ -621,7 +619,7 @@ public class NetworkPolicyManagerServiceTest { mService.setUidPolicy(UID_A, POLICY_NONE); - assertWhitelistUids(); + assertAllowlistUids(); assertUidPolicy(UID_A, POLICY_NONE); mPolicyListener.waitAndVerify().onUidPoliciesChanged(APP_ID_A, POLICY_NONE); if (expectIntent) { @@ -632,27 +630,27 @@ public class NetworkPolicyManagerServiceTest { } /** - * Adds blacklist when restrict background is on - app should not receive an intent. + * Adds denylist when restrict background is on - app should not receive an intent. */ @Test @NetPolicyXml("restrict-background-on.xml") - public void testAddRestrictBackgroundBlacklist_restrictBackgroundOn() throws Exception { - assertRestrictBackgroundOn(); // Sanity check. + public void testAddRestrictBackgroundDenylist_restrictBackgroundOn() throws Exception { + assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); - addRestrictBackgroundBlacklist(false); + addRestrictBackgroundDenylist(false); } /** - * Adds blacklist when restrict background is off - app should receive an intent. + * Adds denylist when restrict background is off - app should receive an intent. */ @Test - public void testAddRestrictBackgroundBlacklist_restrictBackgroundOff() throws Exception { - assertRestrictBackgroundOff(); // Sanity check. - addRestrictBackgroundBlacklist(true); + public void testAddRestrictBackgroundDenylist_restrictBackgroundOff() throws Exception { + assertRestrictBackgroundOff(); + addRestrictBackgroundDenylist(true); } - private void addRestrictBackgroundBlacklist(boolean expectIntent) throws Exception { - assertUidPolicy(UID_A, POLICY_NONE); // Sanity check. + private void addRestrictBackgroundDenylist(boolean expectIntent) throws Exception { + assertUidPolicy(UID_A, POLICY_NONE); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); mPolicyListener.expect().onUidPoliciesChanged(anyInt(), anyInt()); @@ -669,28 +667,28 @@ public class NetworkPolicyManagerServiceTest { } /** - * Removes blacklist when restrict background is on - app should not receive an intent. + * Removes denylist when restrict background is on - app should not receive an intent. */ @Test - @NetPolicyXml("uidA-blacklisted-restrict-background-on.xml") - public void testRemoveRestrictBackgroundBlacklist_restrictBackgroundOn() throws Exception { - assertRestrictBackgroundOn(); // Sanity check. + @NetPolicyXml("uidA-denylisted-restrict-background-on.xml") + public void testRemoveRestrictBackgroundDenylist_restrictBackgroundOn() throws Exception { + assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); - removeRestrictBackgroundBlacklist(false); + removeRestrictBackgroundDenylist(false); } /** - * Removes blacklist when restrict background is off - app should receive an intent. + * Removes denylist when restrict background is off - app should receive an intent. */ @Test - @NetPolicyXml("uidA-blacklisted-restrict-background-off.xml") - public void testRemoveRestrictBackgroundBlacklist_restrictBackgroundOff() throws Exception { - assertRestrictBackgroundOff(); // Sanity check. - removeRestrictBackgroundBlacklist(true); + @NetPolicyXml("uidA-denylisted-restrict-background-off.xml") + public void testRemoveRestrictBackgroundDenylist_restrictBackgroundOff() throws Exception { + assertRestrictBackgroundOff(); + removeRestrictBackgroundDenylist(true); } - private void removeRestrictBackgroundBlacklist(boolean expectIntent) throws Exception { - assertUidPolicy(UID_A, POLICY_REJECT_METERED_BACKGROUND); // Sanity check. + private void removeRestrictBackgroundDenylist(boolean expectIntent) throws Exception { + assertUidPolicy(UID_A, POLICY_REJECT_METERED_BACKGROUND); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); mPolicyListener.expect().onUidPoliciesChanged(anyInt(), anyInt()); @@ -707,9 +705,8 @@ public class NetworkPolicyManagerServiceTest { } @Test - @NetPolicyXml("uidA-blacklisted-restrict-background-on.xml") - public void testBlacklistedAppIsNotNotifiedWhenRestrictBackgroundIsOn() throws Exception { - // Sanity checks. + @NetPolicyXml("uidA-denylisted-restrict-background-on.xml") + public void testDenylistedAppIsNotNotifiedWhenRestrictBackgroundIsOn() throws Exception { assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); assertUidPolicy(UID_A, POLICY_REJECT_METERED_BACKGROUND); @@ -720,12 +717,11 @@ public class NetworkPolicyManagerServiceTest { } @Test - @NetPolicyXml("uidA-whitelisted-restrict-background-on.xml") - public void testWhitelistedAppIsNotNotifiedWhenRestrictBackgroundIsOn() throws Exception { - // Sanity checks. + @NetPolicyXml("uidA-allowlisted-restrict-background-on.xml") + public void testAllowlistedAppIsNotNotifiedWhenRestrictBackgroundIsOn() throws Exception { assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); - assertWhitelistUids(UID_A); + assertAllowlistUids(UID_A); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); setRestrictBackground(true); @@ -733,12 +729,11 @@ public class NetworkPolicyManagerServiceTest { } @Test - @NetPolicyXml("uidA-whitelisted-restrict-background-on.xml") - public void testWhitelistedAppIsNotifiedWhenBlacklisted() throws Exception { - // Sanity checks. + @NetPolicyXml("uidA-allowlisted-restrict-background-on.xml") + public void testAllowlistedAppIsNotifiedWhenDenylisted() throws Exception { assertRestrictBackgroundOn(); assertRestrictBackgroundChangedReceived(mFutureIntent, null); - assertWhitelistUids(UID_A); + assertAllowlistUids(UID_A); final FutureIntent futureIntent = newRestrictBackgroundChangedFuture(); mService.setUidPolicy(UID_A, POLICY_REJECT_METERED_BACKGROUND); @@ -746,8 +741,8 @@ public class NetworkPolicyManagerServiceTest { } @Test - @NetPolicyXml("restrict-background-lists-whitelist-format.xml") - public void testRestrictBackgroundLists_whitelistFormat() throws Exception { + @NetPolicyXml("restrict-background-lists-allowlist-format.xml") + public void testRestrictBackgroundLists_allowlistFormat() throws Exception { restrictBackgroundListsTest(); } @@ -758,33 +753,33 @@ public class NetworkPolicyManagerServiceTest { } private void restrictBackgroundListsTest() throws Exception { - // UIds that are whitelisted. - assertWhitelistUids(UID_A, UID_B, UID_C); + // UIds that are allowlisted. + assertAllowlistUids(UID_A, UID_B, UID_C); assertUidPolicy(UID_A, POLICY_ALLOW_METERED_BACKGROUND); assertUidPolicy(UID_B, POLICY_ALLOW_METERED_BACKGROUND); assertUidPolicy(UID_C, POLICY_ALLOW_METERED_BACKGROUND); - // UIDs that are blacklisted. + // UIDs that are denylisted. assertUidPolicy(UID_D, POLICY_NONE); assertUidPolicy(UID_E, POLICY_REJECT_METERED_BACKGROUND); // UIDS that have legacy policies. assertUidPolicy(UID_F, 2); // POLICY_ALLOW_BACKGROUND_BATTERY_SAVE - // Remove whitelist. + // Remove allowlist. mService.setUidPolicy(UID_A, POLICY_NONE); assertUidPolicy(UID_A, POLICY_NONE); - assertWhitelistUids(UID_B, UID_C); + assertAllowlistUids(UID_B, UID_C); - // Add whitelist when blacklisted. + // Add allowlist when denylisted. mService.setUidPolicy(UID_E, POLICY_ALLOW_METERED_BACKGROUND); assertUidPolicy(UID_E, POLICY_ALLOW_METERED_BACKGROUND); - assertWhitelistUids(UID_B, UID_C, UID_E); + assertAllowlistUids(UID_B, UID_C, UID_E); - // Add blacklist when whitelisted. + // Add denylist when allowlisted. mService.setUidPolicy(UID_B, POLICY_REJECT_METERED_BACKGROUND); assertUidPolicy(UID_B, POLICY_REJECT_METERED_BACKGROUND); - assertWhitelistUids(UID_C, UID_E); + assertAllowlistUids(UID_C, UID_E); } /** @@ -793,9 +788,9 @@ public class NetworkPolicyManagerServiceTest { @Test @NetPolicyXml("restrict-background-lists-mixed-format.xml") public void testRestrictBackgroundLists_mixedFormat() throws Exception { - assertWhitelistUids(UID_A, UID_C, UID_D); + assertAllowlistUids(UID_A, UID_C, UID_D); assertUidPolicy(UID_A, POLICY_ALLOW_METERED_BACKGROUND); - assertUidPolicy(UID_B, POLICY_REJECT_METERED_BACKGROUND); // Blacklist prevails. + assertUidPolicy(UID_B, POLICY_REJECT_METERED_BACKGROUND); // Denylist prevails. assertUidPolicy(UID_C, (POLICY_ALLOW_METERED_BACKGROUND | 2)); assertUidPolicy(UID_D, POLICY_ALLOW_METERED_BACKGROUND); } @@ -1971,7 +1966,7 @@ public class NetworkPolicyManagerServiceTest { } } - private void assertWhitelistUids(int... uids) { + private void assertAllowlistUids(int... uids) { assertContainsInAnyOrder(mService.getUidsWithPolicy(POLICY_ALLOW_METERED_BACKGROUND), uids); } @@ -2059,7 +2054,6 @@ public class NetworkPolicyManagerServiceTest { private void setRestrictBackground(boolean flag) throws Exception { mService.setRestrictBackground(flag); - // Sanity check. assertEquals("restrictBackground not set", flag, mService.getRestrictBackground()); } |