commit 697b299e3a04f8f39016aecdaf03b3a920fe1b8f
author Motomu Utsumi <motomuman@google.com> Thu Jun 30 02:25:29 2022 +0000
committer Motomu Utsumi <motomuman@google.com> Mon Jul 11 07:19:05 2022 +0000
tree 8dfb7501fe30ae16d598b0be4d6fce9971320f93
parent 55630d0dc8ad721d8cf46fd33a6b5cfdcef19d2d

Use java BpfMap in updateUidLockdownRule

Bug: 217624062
Test: atest BpfNetMapsTest HostsideVpnTests#testBlockIncomingPacket
Change-Id: I58cd614575a98c4b5a8f9c34d47dd2dfff187b26

service/src/com/android/server/BpfNetMaps.java

diff --git a/service/src/com/android/server/BpfNetMaps.java b/service/src/com/android/server/BpfNetMaps.java
index d3b83da..6599c7f 100644
--- a/service/src/com/android/server/BpfNetMaps.java
+++ b/service/src/com/android/server/BpfNetMaps.java
@@ -456,9 +456,11 @@
      *                                  cause of the failure.
      */
     public void updateUidLockdownRule(final int uid, final boolean add) {
-        synchronized (sUidOwnerMap) {
-            final int err = native_updateUidLockdownRule(uid, add);
-            maybeThrow(err, "Unable to update lockdown rule");
+        throwIfPreT("updateUidLockdownRule is not available on pre-T devices");
+        if (add) {
+            addRule(uid, LOCKDOWN_VPN_MATCH, "updateUidLockdownRule");
+        } else {
+            removeRule(uid, LOCKDOWN_VPN_MATCH, "updateUidLockdownRule");
         }
     }