authorKen Chen <cken@google.com>2021-03-30 13:47:49 +0800
committerKen Chen <cken@google.com>2021-03-31 10:06:59 +0800
commit55db3806bbbe50c13ef300134105c63bdc04a839 (patch)
tree3c23ef33acc52ec40ca87c7f903d4e88147f21d4 /server/NetworkController.cpp
parent6559f1a39fb18efbc9aa194cba73df45f8a741d1 (diff)
Swap the priority of UID_DEFAULT_UNREACHABLE and UID_DEFAULT_NETWORK
Let UID_DEFAULT_NETWORK have higher priority than UID_DEFAULT_UNREACHABLE. Otherwise, the app will be told by ConnectivityService that it has a network in step 1 of the scenario below, which may potentially cause a user-visible error. framework --> netd step 1: add uid to OEM-paid network list step 2: remove uid from unreachable network Test: atest Change-Id: I3fa49449b9d593b4a0346e8c2cb8d334628c0294
Diffstat (limited to 'server/NetworkController.cpp')
-rw-r--r--server/NetworkController.cpp24
1 files changed, 12 insertions, 12 deletions
diff --git a/server/NetworkController.cpp b/server/NetworkController.cpp
index 14a4aa606..12b5b2b09 100644
--- a/server/NetworkController.cpp
+++ b/server/NetworkController.cpp
@@ -254,8 +254,8 @@ uint32_t NetworkController::getNetworkForDnsLocked(unsigned* netId, uid_t uid) c
}
// Returns the NetId that a given UID would use if no network is explicitly selected. Specifically,
-// the VPN that applies to the UID if any; Otherwise, the unreachable network that applies to the
-// UID; Otherwise, the default network for UID; lastly, the default network.
+// the VPN that applies to the UID if any; Otherwise, the default network for UID; Otherwise the
+// unreachable network that applies to the UID; lastly, the default network.
unsigned NetworkController::getNetworkForUser(uid_t uid) const {
ScopedRLock lock(mRWLock);
if (VirtualNetwork* virtualNetwork = getVirtualNetworkForUserLocked(uid)) {
@@ -777,12 +777,7 @@ VirtualNetwork* NetworkController::getVirtualNetworkForUserLocked(uid_t uid) con
}
Network* NetworkController::getPhysicalOrUnreachableNetworkForUserLocked(uid_t uid) const {
- // Unreachable network take precedence over OEM-paid network.
- auto iter = mNetworks.find(UNREACHABLE_NET_ID);
- if (iter != mNetworks.end() && iter->second->appliesToUser(uid)) {
- return iter->second;
- }
-
+ // OEM-paid network take precedence over the unreachable network.
for (const auto& [_, network] : mNetworks) {
if (network->isPhysical() && network->appliesToUser(uid)) {
// Return the first physical network that matches UID.
@@ -791,6 +786,11 @@ Network* NetworkController::getPhysicalOrUnreachableNetworkForUserLocked(uid_t u
return network;
}
}
+
+ auto iter = mNetworks.find(UNREACHABLE_NET_ID);
+ if (iter != mNetworks.end() && iter->second->appliesToUser(uid)) {
+ return iter->second;
+ }
return nullptr;
}
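Review bot: With the UNREACHABLE_NET_ID lookup moved below the loop, a UID that is in both a physical network's UID range and the unreachable network's range now resolves to the physical network, so the unreachable entry no longer overrides anything for that UID. That matches the add-then-remove sequence in the commit message, but it also means a UID range left on a physical network would quietly win over a "no default network" configuration. The description lists only `Test: atest`, so a test that places one UID in both ranges and asserts the returned network would pin the new order. The one-line comment at the top of the function (previous hunk) could also state the reason, e.g. `// A physical (e.g. OEM-paid) network that lists the UID wins, so a UID present in both during a framework update is routed rather than blocked.`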
@@ -829,15 +829,15 @@ int NetworkController::checkUserNetworkAccessLocked(uid_t uid, unsigned netId) c
mProtectableUsers.find(uid) == mProtectableUsers.end()) {
return -EPERM;
}
- // Only apps that are configured as "no default network" can use the unreachable network.
- if (network->isUnreachable()) {
- return network->appliesToUser(uid) ? 0 : -EPERM;
- }
// If the UID wants to use a physical network and it has a UID range that includes the UID, the
// UID has permission to use it regardless of whether the permission bits match.
if (network->isPhysical() && network->appliesToUser(uid)) {
return 0;
}
+ // Only apps that are configured as "no default network" can use the unreachable network.
+ if (network->isUnreachable()) {
+ return network->appliesToUser(uid) ? 0 : -EPERM;
+ }
// Check whether the UID's permission bits are sufficient to use the network.
// Because the permission of the system default network is PERMISSION_NONE(0x0), apps can always
// pass the check here when using the system default network.
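Review bot: Swapping the isUnreachable() and isPhysical() checks looks behaviour-neutral in this function, because both test the same `network` object; unless a Network can report isPhysical() and isUnreachable() at once (not visible here), every netId gets the same result as before. If so, a short comment would save the next reader from looking for a semantic change, e.g. `// Order mirrors getPhysicalOrUnreachableNetworkForUserLocked(); the two network types are disjoint.` Separately, this check is per selected netId, so a UID in the unreachable range is not refused here when it explicitly selects a physical network whose permission bits it satisfies (the trailing comment says the system default network always passes); it is worth confirming that this is intended for "no default network" apps. The function starts and ends outside the hunk.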