Restrict access to background networks to CHANGE_NETWORK_STATE. When a network goes into the background, tell netd to set the network's permission to NETWORK. Also, close all TCP sockets on that network, to prevent long-lived TCP connections from staying on it and possibly continuing to use metered data. Bug: 23113288 Change-Id: Ie89c1940b6739160e25c6e9022b8b977afb3e16e

commit: fbe9b1ad6fe6a8d22193c5d04c85e372f56fae03 [log] [tgz]
author: Lorenzo Colitti <lorenzo@google.com> Thu Jul 28 17:14:11 2016 +0900
committer: Lorenzo Colitti <lorenzo@google.com> Fri Sep 23 11:27:13 2016 +0900
tree: a627dd49e496cd02d50d2f350b1567af37e0ad8d
parent: 488ca21f0a393e5fef2dc58c73f43ac7ad8d96fa [diff] [blame]
diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java
index b9e9b28..0afb546 100644
--- a/core/java/android/net/ConnectivityManager.java
+++ b/core/java/android/net/ConnectivityManager.java

@@ -1825,6 +1825,16 @@
         return (ConnectivityManager) context.getSystemService(Context.CONNECTIVITY_SERVICE);
     }
 
+    /* TODO: These permissions checks don't belong in client-side code. Move them to
+     * services.jar, possibly in com.android.server.net. */
+
+    /** {@hide} */
+    public static final boolean checkChangePermission(Context context) {
+        int uid = Binder.getCallingUid();
+        return Settings.checkAndNoteChangeNetworkStateOperation(context, uid, Settings
+                .getPackageNameForUid(context, uid), false /* throwException */);
+    }
+
     /** {@hide} */
     public static final void enforceChangePermission(Context context) {
         int uid = Binder.getCallingUid();
commit	fbe9b1ad6fe6a8d22193c5d04c85e372f56fae03	[log] [tgz]
author	Lorenzo Colitti <lorenzo@google.com>	Thu Jul 28 17:14:11 2016 +0900
committer	Lorenzo Colitti <lorenzo@google.com>	Fri Sep 23 11:27:13 2016 +0900
tree	a627dd49e496cd02d50d2f350b1567af37e0ad8d
parent	488ca21f0a393e5fef2dc58c73f43ac7ad8d96fa [diff] [blame]