186 uint32_t NetworkController::getNetworkForDns(unsigned* netId, uid_t uid) const {  in getNetworkForDns()
191     if (checkUserNetworkAccessLocked(uid, *netId) == 0) {  in getNetworkForDns()
210         VirtualNetwork* virtualNetwork = getVirtualNetworkForUserLocked(uid);  in getNetworkForDns()
225 unsigned NetworkController::getNetworkForUser(uid_t uid) const {  in getNetworkForUser()
227     if (VirtualNetwork* virtualNetwork = getVirtualNetworkForUserLocked(uid)) {  in getNetworkForUser()
247 unsigned NetworkController::getNetworkForConnect(uid_t uid) const {  in getNetworkForConnect()
249     VirtualNetwork* virtualNetwork = getVirtualNetworkForUserLocked(uid);  in getNetworkForConnect()
257         unsigned netId, uid_t uid, struct android_net_context* netcontext) const {  in getNetworkContext()  argument
263             .uid = uid,  in getNetworkContext()
281         nc.app_netid = getNetworkForConnect(uid);  in getNetworkContext()
287     fwmark.protectedFromVpn = canProtect(uid);  in getNetworkContext()
288     fwmark.permission = getPermissionForUser(uid);  in getNetworkContext()
291     nc.dns_mark = getNetworkForDns(&(nc.dns_netid), uid);  in getNetworkContext()
424 Permission NetworkController::getPermissionForUser(uid_t uid) const {  in getPermissionForUser()
426     return getPermissionForUserLocked(uid);  in getPermissionForUser()
432     for (uid_t uid : uids) {  in setPermissionForUsers()  local
433         mUsers[uid] = permission;  in setPermissionForUsers()
437 int NetworkController::checkUserNetworkAccess(uid_t uid, unsigned netId) const {  in checkUserNetworkAccess()  argument
439     return checkUserNetworkAccessLocked(uid, netId);  in checkUserNetworkAccess()
501                                 const char* nexthop, bool legacy, uid_t uid) {  in addRoute()  argument
502     return modifyRoute(netId, interface, destination, nexthop, true, legacy, uid);  in addRoute()
506                                    const char* nexthop, bool legacy, uid_t uid) {  in removeRoute()  argument
507     return modifyRoute(netId, interface, destination, nexthop, false, legacy, uid);  in removeRoute()
510 bool NetworkController::canProtect(uid_t uid) const {  in canProtect()
512     return ((getPermissionForUserLocked(uid) & PERMISSION_SYSTEM) == PERMISSION_SYSTEM) ||  in canProtect()
513            mProtectableUsers.find(uid) != mProtectableUsers.end();  in canProtect()
523     for (uid_t uid : uids) {  in denyProtect()  local
524         mProtectableUsers.erase(uid);  in denyProtect()
562 VirtualNetwork* NetworkController::getVirtualNetworkForUserLocked(uid_t uid) const {  in getVirtualNetworkForUserLocked()
566             if (virtualNetwork->appliesToUser(uid)) {  in getVirtualNetworkForUserLocked()
574 Permission NetworkController::getPermissionForUserLocked(uid_t uid) const {  in getPermissionForUserLocked()
575     auto iter = mUsers.find(uid);  in getPermissionForUserLocked()
579     return uid < FIRST_APPLICATION_UID ? PERMISSION_SYSTEM : PERMISSION_NONE;  in getPermissionForUserLocked()
582 int NetworkController::checkUserNetworkAccessLocked(uid_t uid, unsigned netId) const {  in checkUserNetworkAccessLocked()  argument
590     if (uid == INVALID_UID) {  in checkUserNetworkAccessLocked()
593     Permission userPermission = getPermissionForUserLocked(uid);  in checkUserNetworkAccessLocked()
598         return static_cast<VirtualNetwork*>(network)->appliesToUser(uid) ? 0 : -EPERM;  in checkUserNetworkAccessLocked()
600     VirtualNetwork* virtualNetwork = getVirtualNetworkForUserLocked(uid);  in checkUserNetworkAccessLocked()
602             mProtectableUsers.find(uid) == mProtectableUsers.end()) {  in checkUserNetworkAccessLocked()
610                                    const char* nexthop, bool add, bool legacy, uid_t uid) {  in modifyRoute()  argument
629         if ((getPermissionForUser(uid) & PERMISSION_SYSTEM) == PERMISSION_SYSTEM) {  in modifyRoute()