Add 3rd deny firewall chain for OEM
Bug: 208371987
Test: atest
CtsNetTestCases:android.net.cts.ConnectivityManagerTest#testFirewallBlocking
ConnectivityServiceTest
Change-Id: Ib521fa02f6a19270cb88a3d85321bda822516c78
diff --git a/service/src/com/android/server/ConnectivityService.java b/service/src/com/android/server/ConnectivityService.java
index 8d8442f..848901f 100644
--- a/service/src/com/android/server/ConnectivityService.java
+++ b/service/src/com/android/server/ConnectivityService.java
@@ -11361,6 +11361,7 @@
case ConnectivityManager.FIREWALL_CHAIN_STANDBY:
case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_1:
case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2:
+ case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3:
defaultRule = FIREWALL_RULE_ALLOW;
break;
case ConnectivityManager.FIREWALL_CHAIN_DOZABLE:
@@ -11416,6 +11417,9 @@
case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_2:
mBpfNetMaps.replaceUidChain("fw_oem_deny_2", false /* isAllowList */, uids);
break;
+ case ConnectivityManager.FIREWALL_CHAIN_OEM_DENY_3:
+ mBpfNetMaps.replaceUidChain("fw_oem_deny_3", false /* isAllowList */, uids);
+ break;
default:
throw new IllegalArgumentException("replaceFirewallChain with invalid chain: "
+ chain);