diff options
Diffstat (limited to 'core/java/android/net')
-rw-r--r-- | core/java/android/net/NetworkPolicyManager.java | 38 | ||||
-rw-r--r-- | core/java/android/net/TrafficStats.java | 38 |
2 files changed, 71 insertions, 5 deletions
diff --git a/core/java/android/net/NetworkPolicyManager.java b/core/java/android/net/NetworkPolicyManager.java index 91af16d..21fad2c 100644 --- a/core/java/android/net/NetworkPolicyManager.java +++ b/core/java/android/net/NetworkPolicyManager.java @@ -16,14 +16,21 @@ package android.net; +import static android.content.pm.PackageManager.GET_SIGNATURES; import static android.text.format.Time.MONTH_DAY; import android.content.Context; import android.content.Intent; +import android.content.pm.PackageManager; +import android.content.pm.PackageManager.NameNotFoundException; +import android.content.pm.Signature; import android.os.RemoteException; import android.text.format.Time; +import com.google.android.collect.Sets; + import java.io.PrintWriter; +import java.util.HashSet; /** * Manager for creating and modifying network policy rules. @@ -210,8 +217,35 @@ public class NetworkPolicyManager { * usually to protect critical system services. */ public static boolean isUidValidForPolicy(Context context, int uid) { - return (uid >= android.os.Process.FIRST_APPLICATION_UID - && uid <= android.os.Process.LAST_APPLICATION_UID); + // first, quick-reject non-applications + if (uid < android.os.Process.FIRST_APPLICATION_UID + || uid > android.os.Process.LAST_APPLICATION_UID) { + return false; + } + + final PackageManager pm = context.getPackageManager(); + final HashSet<Signature> systemSignature; + try { + systemSignature = Sets.newHashSet( + pm.getPackageInfo("android", GET_SIGNATURES).signatures); + } catch (NameNotFoundException e) { + throw new RuntimeException("problem finding system signature", e); + } + + try { + // reject apps signed with system cert + for (String packageName : pm.getPackagesForUid(uid)) { + final HashSet<Signature> packageSignature = Sets.newHashSet( + pm.getPackageInfo(packageName, GET_SIGNATURES).signatures); + if (packageSignature.containsAll(systemSignature)) { + return false; + } + } + } catch (NameNotFoundException e) { + } + + // nothing found above; we can apply policy to UID + return true; } /** {@hide} */ diff --git a/core/java/android/net/TrafficStats.java b/core/java/android/net/TrafficStats.java index cb47193..040489e 100644 --- a/core/java/android/net/TrafficStats.java +++ b/core/java/android/net/TrafficStats.java @@ -16,7 +16,10 @@ package android.net; +import android.app.DownloadManager; +import android.app.backup.BackupManager; import android.content.Context; +import android.media.MediaPlayer; import android.os.IBinder; import android.os.INetworkManagementService; import android.os.RemoteException; @@ -50,6 +53,27 @@ public class TrafficStats { public static final int UID_REMOVED = -4; /** + * Default tag value for {@link DownloadManager} traffic. + * + * @hide + */ + public static final int TAG_SYSTEM_DOWNLOAD = 0xFFFF0001; + + /** + * Default tag value for {@link MediaPlayer} traffic. + * + * @hide + */ + public static final int TAG_SYSTEM_MEDIA = 0xFFFF0002; + + /** + * Default tag value for {@link BackupManager} traffic. + * + * @hide + */ + public static final int TAG_SYSTEM_BACKUP = 0xFFFF0003; + + /** * Snapshot of {@link NetworkStats} when the currently active profiling * session started, or {@code null} if no session active. * @@ -67,12 +91,20 @@ public class TrafficStats { * Changes only take effect during subsequent calls to * {@link #tagSocket(Socket)}. */ - public static void setThreadStatsTag(String tag) { + public static void setThreadStatsTag(int tag) { BlockGuard.setThreadSocketStatsTag(tag); } + /** + * @deprecated unsupported, will eventually be removed + */ + @Deprecated + public static void setThreadStatsTag(String tag) { + setThreadStatsTag(tag.hashCode()); + } + public static void clearThreadStatsTag() { - BlockGuard.setThreadSocketStatsTag(null); + BlockGuard.setThreadSocketStatsTag(-1); } /** @@ -103,7 +135,7 @@ public class TrafficStats { * parameters. When finished, call {@link #untagSocket(Socket)} to remove * statistics parameters. * - * @see #setThreadStatsTag(String) + * @see #setThreadStatsTag(int) * @see #setThreadStatsUid(int) */ public static void tagSocket(Socket socket) throws SocketException { |