system_server: add two child chains to firewall

This is an attempt to speed up getting out of device idle. It groups uid firewall rules in these child chains so we can attach/detach a whole chain instead of individual uid rules. BUG:21446713 Change-Id: Ie8f392da2deabe7cc86a9ecf4ed080163861d41e
author: Xiaohui Chen <xiaohuic@google.com> 2015-06-17 15:55:37 -0700
committer: Xiaohui Chen <xiaohuic@google.com> 2015-06-17 15:55:37 -0700
commit: b41c9f7f39939cee8d226eb5e506c3f0573f44f5 (patch)
tree: b72b25a0c38da181e70055d6bd10df8842a76d16 /core/java/android
parent: 3b3d1fea94318a4892fbd4353269749af417a81a (diff)
download: frameworks_base-b41c9f7f39939cee8d226eb5e506c3f0573f44f5.zip
frameworks_base-b41c9f7f39939cee8d226eb5e506c3f0573f44f5.tar.gz
frameworks_base-b41c9f7f39939cee8d226eb5e506c3f0573f44f5.tar.bz2
2 files changed, 14 insertions, 1 deletions
diff --git a/core/java/android/net/NetworkPolicyManager.java b/core/java/android/net/NetworkPolicyManager.java
index ecc3fb4..3f40484 100644
--- a/core/java/android/net/NetworkPolicyManager.java
+++ b/core/java/android/net/NetworkPolicyManager.java
@@ -61,6 +61,17 @@ public class NetworkPolicyManager {
     public static final int FIREWALL_RULE_ALLOW = 1;
     public static final int FIREWALL_RULE_DENY = 2;
 
+    public static final int FIREWALL_TYPE_WHITELIST = 0;
+    public static final int FIREWALL_TYPE_BLACKLIST = 1;
+
+    public static final int FIREWALL_CHAIN_NONE = 0;
+    public static final int FIREWALL_CHAIN_DOZABLE = 1;
+    public static final int FIREWALL_CHAIN_STANDBY = 2;
+
+    public static final String FIREWALL_CHAIN_NAME_NONE = "none";
+    public static final String FIREWALL_CHAIN_NAME_DOZABLE = "dozable";
+    public static final String FIREWALL_CHAIN_NAME_STANDBY = "standby";
+
     private static final boolean ALLOW_PLATFORM_APP_POLICY = true;
 
     /**
diff --git a/core/java/android/os/INetworkManagementService.aidl b/core/java/android/os/INetworkManagementService.aidl
index b29e8d0..8114155 100644
--- a/core/java/android/os/INetworkManagementService.aidl
+++ b/core/java/android/os/INetworkManagementService.aidl
@@ -342,7 +342,9 @@ interface INetworkManagementService
     void setFirewallInterfaceRule(String iface, boolean allow);
     void setFirewallEgressSourceRule(String addr, boolean allow);
     void setFirewallEgressDestRule(String addr, int port, boolean allow);
-    void setFirewallUidRule(int uid, int rule);
+    void setFirewallUidRule(int chain, int uid, int rule);
+    void setFirewallUidRules(int chain, in int[] uids, in int[] rules);
+    void setFirewallChainEnabled(int chain, boolean enable);
 
     /**
      * Set all packets from users in ranges to go through VPN specified by netId.
author	Xiaohui Chen <xiaohuic@google.com>	2015-06-17 15:55:37 -0700
committer	Xiaohui Chen <xiaohuic@google.com>	2015-06-17 15:55:37 -0700
commit	b41c9f7f39939cee8d226eb5e506c3f0573f44f5 (patch)
tree	b72b25a0c38da181e70055d6bd10df8842a76d16 /core/java/android
parent	3b3d1fea94318a4892fbd4353269749af417a81a (diff)
download	frameworks_base-b41c9f7f39939cee8d226eb5e506c3f0573f44f5.zip frameworks_base-b41c9f7f39939cee8d226eb5e506c3f0573f44f5.tar.gz frameworks_base-b41c9f7f39939cee8d226eb5e506c3f0573f44f5.tar.bz2