commit 94e69beca33401fcbe048e975fb684ab7f8c407c
author Robin Lee <rgl@google.com> Tue May 03 13:23:03 2016 +0100
committer Robin Lee <rgl@google.com> Tue May 03 13:24:42 2016 +0100
tree 4ca34ff3edbf9e87af11774760e9f50d8a1e5000
parent e095d2f708a7be623caf1547ee587f66907d217c

Add lockdownEnabled parameter to always-on VPN API

Allows callers to opt-out of blockading network traffic during boot and
on VPN app failure.

Bug: 26694104
Change-Id: Ibfbd43ad09a25f2e38053fcd6306df3711f8bde2

core/java/android/net/ConnectivityManager.java

diff --git a/core/java/android/net/ConnectivityManager.java b/core/java/android/net/ConnectivityManager.java
index faf5c64..e65462b 100644
--- a/core/java/android/net/ConnectivityManager.java
+++ b/core/java/android/net/ConnectivityManager.java
@@ -792,14 +792,16 @@
      * @param userId The identifier of the user to set an always-on VPN for.
      * @param vpnPackage The package name for an installed VPN app on the device, or {@code null}
      *                   to remove an existing always-on VPN configuration.
-
+     * @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
+     *        {@code false} otherwise.
      * @return {@code true} if the package is set as always-on VPN controller;
      *         {@code false} otherwise.
      * @hide
      */
-    public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage) {
+    public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage,
+            boolean lockdownEnabled) {
         try {
-            return mService.setAlwaysOnVpnPackage(userId, vpnPackage);
+            return mService.setAlwaysOnVpnPackage(userId, vpnPackage, lockdownEnabled);
         } catch (RemoteException e) {
             throw e.rethrowFromSystemServer();
         }

core/java/android/net/IConnectivityManager.aidl

diff --git a/core/java/android/net/IConnectivityManager.aidl b/core/java/android/net/IConnectivityManager.aidl
index c897c45..e7a072c 100644
--- a/core/java/android/net/IConnectivityManager.aidl
+++ b/core/java/android/net/IConnectivityManager.aidl
@@ -122,7 +122,7 @@
     VpnInfo[] getAllVpnInfo();
 
     boolean updateLockdownVpn();
-    boolean setAlwaysOnVpnPackage(int userId, String packageName);
+    boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown);
     String getAlwaysOnVpnPackage(int userId);
 
     int checkMobileProvisioning(int suggestedTimeOutMs);

services/core/java/com/android/server/ConnectivityService.java

diff --git a/services/core/java/com/android/server/ConnectivityService.java b/services/core/java/com/android/server/ConnectivityService.java
index d85827e..100ada8 100644
--- a/services/core/java/com/android/server/ConnectivityService.java
+++ b/services/core/java/com/android/server/ConnectivityService.java
@@ -3309,7 +3309,7 @@
     }
 
     @Override
-    public boolean setAlwaysOnVpnPackage(int userId, String packageName) {
+    public boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown) {
         enforceConnectivityInternalPermission();
         enforceCrossUserPermission(userId);