LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

resolve merge conflicts of 403b7fd0b0a6736bcee1817fb5c774f8c8a040de to stage-aosp-master

Browse Source 
Change-Id: Ib9d7923104ac0a60f6af5a3a2d2b7f13bc0262e3
This commit is contained in:
Roshan Pius
2021-03-21 17:55:29 +00:00
parent 903fec2c31
commit 1e97e45498
5 changed files with 139 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
framework/api/module-lib-current.txt
View File

@@ -40,7 +40,13 @@ package android.net {
} }
public final class NetworkCapabilities implements android.os.Parcelable { public final class NetworkCapabilities implements android.os.Parcelable {
ctor public NetworkCapabilities(@Nullable android.net.NetworkCapabilities, long);
method @Nullable public java.util.Set<android.util.Range<java.lang.Integer>> getUids(); method @Nullable public java.util.Set<android.util.Range<java.lang.Integer>> getUids();
field public static final long REDACT_ALL = -1L; // 0xffffffffffffffffL
field public static final long REDACT_FOR_ACCESS_FINE_LOCATION = 1L; // 0x1L
field public static final long REDACT_FOR_LOCAL_MAC_ADDRESS = 2L; // 0x2L
field public static final long REDACT_FOR_NETWORK_SETTINGS = 4L; // 0x4L
field public static final long REDACT_NONE = 0L; // 0x0L
field public static final int TRANSPORT_TEST = 7; // 0x7 field public static final int TRANSPORT_TEST = 7; // 0x7
} }
@@ -92,6 +98,11 @@ package android.net {
field @NonNull public static final android.os.Parcelable.Creator<android.net.TestNetworkSpecifier> CREATOR; field @NonNull public static final android.os.Parcelable.Creator<android.net.TestNetworkSpecifier> CREATOR;
} }
public interface TransportInfo {
method public default long getApplicableRedactions();
method @NonNull public default android.net.TransportInfo makeCopy(long);
}
public final class VpnTransportInfo implements android.os.Parcelable android.net.TransportInfo { public final class VpnTransportInfo implements android.os.Parcelable android.net.TransportInfo {
ctor public VpnTransportInfo(int); ctor public VpnTransportInfo(int);
method public int describeContents(); method public int describeContents();

6
framework/api/system-current.txt
View File

@@ -261,7 +261,6 @@ package android.net {
} }
public final class NetworkCapabilities implements android.os.Parcelable { public final class NetworkCapabilities implements android.os.Parcelable {
ctor public NetworkCapabilities(@Nullable android.net.NetworkCapabilities, boolean);
method @NonNull public int[] getAdministratorUids(); method @NonNull public int[] getAdministratorUids();
method @Nullable public String getSsid(); method @Nullable public String getSsid();
method @NonNull public int[] getTransportTypes(); method @NonNull public int[] getTransportTypes();
@@ -435,11 +434,6 @@ package android.net {
field public final int tcpWindowScale; field public final int tcpWindowScale;
} }
public interface TransportInfo {
method public default boolean hasLocationSensitiveFields();
method @NonNull public default android.net.TransportInfo makeCopy(boolean);
}
} }
package android.net.apf { package android.net.apf {

5
framework/src/android/net/NetworkAgent.java
View File

@@ -434,7 +434,7 @@ public abstract class NetworkAgent {
} }
mInitialConfiguration = new InitialConfiguration(context, mInitialConfiguration = new InitialConfiguration(context,
new NetworkCapabilities(nc, /* parcelLocationSensitiveFields */ true), new NetworkCapabilities(nc, NetworkCapabilities.REDACT_NONE),
new LinkProperties(lp), score, config, ni); new LinkProperties(lp), score, config, ni);
} }
@@ -878,8 +878,7 @@ public abstract class NetworkAgent {
mBandwidthUpdatePending.set(false); mBandwidthUpdatePending.set(false);
mLastBwRefreshTime = System.currentTimeMillis(); mLastBwRefreshTime = System.currentTimeMillis();
final NetworkCapabilities nc = final NetworkCapabilities nc =
new NetworkCapabilities(networkCapabilities, new NetworkCapabilities(networkCapabilities, NetworkCapabilities.REDACT_NONE);
/* parcelLocationSensitiveFields */ true);
queueOrSendMessage(reg -> reg.sendNetworkCapabilities(nc)); queueOrSendMessage(reg -> reg.sendNetworkCapabilities(nc));
} }

111
framework/src/android/net/NetworkCapabilities.java
View File

@@ -19,6 +19,7 @@ package android.net;
import static com.android.internal.annotations.VisibleForTesting.Visibility.PRIVATE; import static com.android.internal.annotations.VisibleForTesting.Visibility.PRIVATE;
import android.annotation.IntDef; import android.annotation.IntDef;
import android.annotation.LongDef;
import android.annotation.NonNull; import android.annotation.NonNull;
import android.annotation.Nullable; import android.annotation.Nullable;
import android.annotation.RequiresPermission; import android.annotation.RequiresPermission;
@@ -64,6 +65,68 @@ import java.util.StringJoiner;
public final class NetworkCapabilities implements Parcelable { public final class NetworkCapabilities implements Parcelable {
private static final String TAG = "NetworkCapabilities"; private static final String TAG = "NetworkCapabilities";
/**
* Mechanism to support redaction of fields in NetworkCapabilities that are guarded by specific
* app permissions.
**/
/**
* Don't redact any fields since the receiving app holds all the necessary permissions.
*
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public static final long REDACT_NONE = 0;
/**
* Redact any fields that need {@link android.Manifest.permission#ACCESS_FINE_LOCATION}
* permission since the receiving app does not hold this permission or the location toggle
* is off.
*
* @see android.Manifest.permission#ACCESS_FINE_LOCATION
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public static final long REDACT_FOR_ACCESS_FINE_LOCATION = 1 << 0;
/**
* Redact any fields that need {@link android.Manifest.permission#LOCAL_MAC_ADDRESS}
* permission since the receiving app does not hold this permission.
*
* @see android.Manifest.permission#LOCAL_MAC_ADDRESS
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public static final long REDACT_FOR_LOCAL_MAC_ADDRESS = 1 << 1;
/**
*
* Redact any fields that need {@link android.Manifest.permission#NETWORK_SETTINGS}
* permission since the receiving app does not hold this permission.
*
* @see android.Manifest.permission#NETWORK_SETTINGS
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public static final long REDACT_FOR_NETWORK_SETTINGS = 1 << 2;
/**
* Redact all fields in this object that require any relevant permission.
* @hide
*/
@SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public static final long REDACT_ALL = -1L;
/** @hide */
@LongDef(flag = true, prefix = { "REDACT_" }, value = {
REDACT_NONE,
REDACT_FOR_ACCESS_FINE_LOCATION,
REDACT_FOR_LOCAL_MAC_ADDRESS,
REDACT_FOR_NETWORK_SETTINGS,
REDACT_ALL
})
@Retention(RetentionPolicy.SOURCE)
public @interface RedactionType {}
// Set to true when private DNS is broken. // Set to true when private DNS is broken.
private boolean mPrivateDnsBroken; private boolean mPrivateDnsBroken;
@@ -78,32 +141,31 @@ public final class NetworkCapabilities implements Parcelable {
private String mRequestorPackageName; private String mRequestorPackageName;
/** /**
* Indicates whether parceling should preserve fields that are set based on permissions of * Indicates what fields should be redacted from this instance.
* the process receiving the {@link NetworkCapabilities}.
*/ */
private final boolean mParcelLocationSensitiveFields; private final @RedactionType long mRedactions;
public NetworkCapabilities() { public NetworkCapabilities() {
mParcelLocationSensitiveFields = false; mRedactions = REDACT_ALL;
clearAll(); clearAll();
mNetworkCapabilities = DEFAULT_CAPABILITIES; mNetworkCapabilities = DEFAULT_CAPABILITIES;
} }
public NetworkCapabilities(NetworkCapabilities nc) { public NetworkCapabilities(NetworkCapabilities nc) {
this(nc, false /* parcelLocationSensitiveFields */); this(nc, REDACT_ALL);
} }
/** /**
* Make a copy of NetworkCapabilities. * Make a copy of NetworkCapabilities.
* *
* @param nc Original NetworkCapabilities * @param nc Original NetworkCapabilities
* @param parcelLocationSensitiveFields Whether to parcel location sensitive data or not. * @param redactions bitmask of redactions that needs to be performed on this new instance of
* {@link NetworkCapabilities}.
* @hide * @hide
*/ */
@SystemApi @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
public NetworkCapabilities( public NetworkCapabilities(@Nullable NetworkCapabilities nc, @RedactionType long redactions) {
@Nullable NetworkCapabilities nc, boolean parcelLocationSensitiveFields) { mRedactions = redactions;
mParcelLocationSensitiveFields = parcelLocationSensitiveFields;
if (nc != null) { if (nc != null) {
set(nc); set(nc);
} }
@@ -115,11 +177,13 @@ public final class NetworkCapabilities implements Parcelable {
* @hide * @hide
*/ */
public void clearAll() { public void clearAll() {
// Ensures that the internal copies maintained by the connectivity stack does not set // Ensures that the internal copies maintained by the connectivity stack does not set it to
// this bit. // anything other than |REDACT_ALL|.
if (mParcelLocationSensitiveFields) { if (mRedactions != REDACT_ALL) {
// This is needed because the current redaction mechanism relies on redaction while
// parceling.
throw new UnsupportedOperationException( throw new UnsupportedOperationException(
"Cannot clear NetworkCapabilities when parcelLocationSensitiveFields is set"); "Cannot clear NetworkCapabilities when mRedactions is set");
} }
mNetworkCapabilities = mTransportTypes = mUnwantedNetworkCapabilities = 0; mNetworkCapabilities = mTransportTypes = mUnwantedNetworkCapabilities = 0;
mLinkUpBandwidthKbps = mLinkDownBandwidthKbps = LINK_BANDWIDTH_UNSPECIFIED; mLinkUpBandwidthKbps = mLinkDownBandwidthKbps = LINK_BANDWIDTH_UNSPECIFIED;
@@ -149,7 +213,7 @@ public final class NetworkCapabilities implements Parcelable {
mLinkDownBandwidthKbps = nc.mLinkDownBandwidthKbps; mLinkDownBandwidthKbps = nc.mLinkDownBandwidthKbps;
mNetworkSpecifier = nc.mNetworkSpecifier; mNetworkSpecifier = nc.mNetworkSpecifier;
if (nc.getTransportInfo() != null) { if (nc.getTransportInfo() != null) {
setTransportInfo(nc.getTransportInfo().makeCopy(mParcelLocationSensitiveFields)); setTransportInfo(nc.getTransportInfo().makeCopy(mRedactions));
} else { } else {
setTransportInfo(null); setTransportInfo(null);
} }
@@ -2349,6 +2413,23 @@ public final class NetworkCapabilities implements Parcelable {
} }
} }
/**
* Returns a bitmask of all the applicable redactions (based on the permissions held by the
* receiving app) to be performed on this object.
*
* @return bitmask of redactions applicable on this instance.
* @hide
*/
public @RedactionType long getApplicableRedactions() {
// Currently, there are no fields redacted in NetworkCapabilities itself, so we just
// passthrough the redactions required by the embedded TransportInfo. If this changes
// in the future, modify this method.
if (mTransportInfo == null) {
return NetworkCapabilities.REDACT_NONE;
}
return mTransportInfo.getApplicableRedactions();
}
/** /**
* Builder class for NetworkCapabilities. * Builder class for NetworkCapabilities.
* *

48
framework/src/android/net/TransportInfo.java
View File

@@ -29,35 +29,47 @@ import android.annotation.SystemApi;
public interface TransportInfo { public interface TransportInfo {
/** /**
* Create a copy of a {@link TransportInfo} that will preserve location sensitive fields that * Create a copy of a {@link TransportInfo} with some fields redacted based on the permissions
* were set based on the permissions of the process that originally received it. * held by the receiving app.
* *
* <p>By default {@link TransportInfo} does not preserve such fields during parceling, as * <p>
* they should not be shared outside of the process that receives them without appropriate * Usage by connectivity stack:
* checks. * <ul>
* <li> Connectivity stack will invoke {@link #getApplicableRedactions()} to find the list
* of redactions that are required by this {@link TransportInfo} instance.</li>
* <li> Connectivity stack then loops through each bit in the bitmask returned and checks if the
* receiving app holds the corresponding permission.
* <ul>
* <li> If the app holds the corresponding permission, the bit is cleared from the
* |redactions| bitmask. </li>
* <li> If the app does not hold the corresponding permission, the bit is retained in the
* |redactions| bitmask. </li>
* </ul>
* <li> Connectivity stack then invokes {@link #makeCopy(long)} with the necessary |redactions|
* to create a copy to send to the corresponding app. </li>
* </ul>
* </p>
* *
* @param parcelLocationSensitiveFields Whether the location sensitive fields should be kept * @param redactions bitmask of redactions that needs to be performed on this instance.
* when parceling * @return Copy of this instance with the necessary redactions.
* @return Copy of this instance.
* @hide * @hide
*/ */
@SystemApi @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
@NonNull @NonNull
default TransportInfo makeCopy(boolean parcelLocationSensitiveFields) { default TransportInfo makeCopy(@NetworkCapabilities.RedactionType long redactions) {
return this; return this;
} }
/** /**
* Returns whether this TransportInfo type has location sensitive fields or not (helps * Returns a bitmask of all the applicable redactions (based on the permissions held by the
* to determine whether to perform a location permission check or not before sending to * receiving app) to be performed on this TransportInfo.
* apps).
* *
* @return {@code true} if this instance contains location sensitive info, {@code false} * @return bitmask of redactions applicable on this instance.
* otherwise. * @see #makeCopy(long)
* @hide * @hide
*/ */
@SystemApi @SystemApi(client = SystemApi.Client.MODULE_LIBRARIES)
default boolean hasLocationSensitiveFields() { default @NetworkCapabilities.RedactionType long getApplicableRedactions() {
return false; return NetworkCapabilities.REDACT_NONE;
} }
} }