LineageOS/android_packages_modules_Connectivity
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make NET_CAPABILITY_VALIDATED (almost) a first-class citizen.

Browse Source 
1. Always keep ConnectivityService's validated bits current:
   - Apply the validated bit whenever a NetworkAgent updates its
     NetworkCapabilities.
   - Set or clear the validated bit whenever lastValidated changes.
2. Send callbacks when the validation state of a network changes.
3. Delete getNetworkCapabilitiesAndValidation, removing code
   duplication with getNetworkCapabilities.
4. Add the validated bit to NetworkCapabilities#toString.

Bug: 18591282
Bug: 20081183
Change-Id: I6aa53b61c15cc137f203f9fc6bbd4c16894be750
This commit is contained in:
Lorenzo Colitti
2015-05-14 17:28:27 +09:00
parent 527979bb76
commit e97685a88f
2 changed files with 30 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/java/android/net/NetworkCapabilities.java
View File

@@ -619,6 +619,7 @@ public final class NetworkCapabilities implements Parcelable {
case NET_CAPABILITY_NOT_RESTRICTED: capabilities += "NOT_RESTRICTED"; break; case NET_CAPABILITY_NOT_RESTRICTED: capabilities += "NOT_RESTRICTED"; break;
case NET_CAPABILITY_TRUSTED: capabilities += "TRUSTED"; break; case NET_CAPABILITY_TRUSTED: capabilities += "TRUSTED"; break;
case NET_CAPABILITY_NOT_VPN: capabilities += "NOT_VPN"; break; case NET_CAPABILITY_NOT_VPN: capabilities += "NOT_VPN"; break;
case NET_CAPABILITY_VALIDATED: capabilities += "VALIDATED"; break;
} }
if (++i < types.length) capabilities += "&"; if (++i < types.length) capabilities += "&";
} }

67
services/core/java/com/android/server/ConnectivityService.java
View File

@@ -1071,23 +1071,6 @@ public class ConnectivityService extends IConnectivityManager.Stub
} }
} }
private NetworkCapabilities getNetworkCapabilitiesAndValidation(NetworkAgentInfo nai) {
if (nai != null) {
synchronized (nai) {
if (nai.created) {
NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities);
if (nai.lastValidated) {
nc.addCapability(NET_CAPABILITY_VALIDATED);
} else {
nc.removeCapability(NET_CAPABILITY_VALIDATED);
}
return nc;
}
}
}
return null;
}
@Override @Override
public NetworkCapabilities[] getDefaultNetworkCapabilitiesForUser(int userId) { public NetworkCapabilities[] getDefaultNetworkCapabilitiesForUser(int userId) {
// The basic principle is: if an app's traffic could possibly go over a // The basic principle is: if an app's traffic could possibly go over a
@@ -1109,7 +1092,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
HashMap<Network, NetworkCapabilities> result = new HashMap<Network, NetworkCapabilities>(); HashMap<Network, NetworkCapabilities> result = new HashMap<Network, NetworkCapabilities>();
NetworkAgentInfo nai = getDefaultNetwork(); NetworkAgentInfo nai = getDefaultNetwork();
NetworkCapabilities nc = getNetworkCapabilitiesAndValidation(getDefaultNetwork()); NetworkCapabilities nc = getNetworkCapabilitiesInternal(nai);
if (nc != null) { if (nc != null) {
result.put(nai.network, nc); result.put(nai.network, nc);
} }
@@ -1122,9 +1105,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
if (networks != null) { if (networks != null) {
for (Network network : networks) { for (Network network : networks) {
nai = getNetworkAgentInfoForNetwork(network); nai = getNetworkAgentInfoForNetwork(network);
nc = getNetworkCapabilitiesAndValidation(nai); nc = getNetworkCapabilitiesInternal(nai);
if (nc != null) { if (nc != null) {
result.put(nai.network, nc); result.put(network, nc);
} }
} }
} }
@@ -1184,24 +1167,23 @@ public class ConnectivityService extends IConnectivityManager.Stub
return null; return null;
} }
@Override private NetworkCapabilities getNetworkCapabilitiesInternal(NetworkAgentInfo nai) {
public NetworkCapabilities getNetworkCapabilities(Network network) {
enforceAccessPermission();
NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network);
if (nai != null) { if (nai != null) {
synchronized (nai) { synchronized (nai) {
NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities); if (nai.networkCapabilities != null) {
if (nai.lastValidated) { return new NetworkCapabilities(nai.networkCapabilities);
nc.addCapability(NET_CAPABILITY_VALIDATED);
} else {
nc.removeCapability(NET_CAPABILITY_VALIDATED);
} }
return nc;
} }
} }
return null; return null;
} }
@Override
public NetworkCapabilities getNetworkCapabilities(Network network) {
enforceAccessPermission();
return getNetworkCapabilitiesInternal(getNetworkAgentInfoForNetwork(network));
}
@Override @Override
public NetworkState[] getAllNetworkState() { public NetworkState[] getAllNetworkState() {
// Require internal since we're handing out IMSI details // Require internal since we're handing out IMSI details
@@ -1950,11 +1932,14 @@ public class ConnectivityService extends IConnectivityManager.Stub
} }
case NetworkMonitor.EVENT_NETWORK_TESTED: { case NetworkMonitor.EVENT_NETWORK_TESTED: {
NetworkAgentInfo nai = (NetworkAgentInfo)msg.obj; NetworkAgentInfo nai = (NetworkAgentInfo)msg.obj;
if (isLiveNetworkAgent(nai, "EVENT_NETWORK_VALIDATED")) { if (isLiveNetworkAgent(nai, "EVENT_NETWORK_TESTED")) {
boolean valid = (msg.arg1 == NetworkMonitor.NETWORK_TEST_RESULT_VALID); final boolean valid =
(msg.arg1 == NetworkMonitor.NETWORK_TEST_RESULT_VALID);
final boolean validationChanged = (valid != nai.lastValidated);
nai.lastValidated = valid; nai.lastValidated = valid;
if (valid) { if (valid) {
if (DBG) log("Validated " + nai.name()); if (DBG) log("Validated " + nai.name());
nai.networkCapabilities.addCapability(NET_CAPABILITY_VALIDATED);
if (!nai.everValidated) { if (!nai.everValidated) {
nai.everValidated = true; nai.everValidated = true;
rematchNetworkAndRequests(nai, NascentState.JUST_VALIDATED, rematchNetworkAndRequests(nai, NascentState.JUST_VALIDATED,
@@ -1962,6 +1947,8 @@ public class ConnectivityService extends IConnectivityManager.Stub
// If score has changed, rebroadcast to NetworkFactories. b/17726566 // If score has changed, rebroadcast to NetworkFactories. b/17726566
sendUpdatedScoreToFactories(nai); sendUpdatedScoreToFactories(nai);
} }
} else {
nai.networkCapabilities.removeCapability(NET_CAPABILITY_VALIDATED);
} }
updateInetCondition(nai); updateInetCondition(nai);
// Let the NetworkAgent know the state of its network // Let the NetworkAgent know the state of its network
@@ -1970,8 +1957,9 @@ public class ConnectivityService extends IConnectivityManager.Stub
(valid ? NetworkAgent.VALID_NETWORK : NetworkAgent.INVALID_NETWORK), (valid ? NetworkAgent.VALID_NETWORK : NetworkAgent.INVALID_NETWORK),
0, null); 0, null);
// TODO: trigger a NetworkCapabilities update so that the dialog can know if (validationChanged) {
// that the network is now validated and close itself. notifyNetworkCallbacks(nai, ConnectivityManager.CALLBACK_CAP_CHANGED);
}
} }
break; break;
} }
@@ -3534,8 +3522,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
} }
private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities) { private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities) {
if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) == false) {
== false) {
enforceConnectivityInternalPermission(); enforceConnectivityInternalPermission();
} else { } else {
enforceChangePermission(); enforceChangePermission();
@@ -3562,8 +3549,7 @@ public class ConnectivityService extends IConnectivityManager.Stub
private void enforceMeteredApnPolicy(NetworkCapabilities networkCapabilities) { private void enforceMeteredApnPolicy(NetworkCapabilities networkCapabilities) {
// if UID is restricted, don't allow them to bring up metered APNs // if UID is restricted, don't allow them to bring up metered APNs
if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED) if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED) == false) {
== false) {
final int uidRules; final int uidRules;
final int uid = Binder.getCallingUid(); final int uid = Binder.getCallingUid();
synchronized(mRulesLock) { synchronized(mRulesLock) {
@@ -3934,6 +3920,11 @@ public class ConnectivityService extends IConnectivityManager.Stub
synchronized (networkAgent) { synchronized (networkAgent) {
networkAgent.networkCapabilities = networkCapabilities; networkAgent.networkCapabilities = networkCapabilities;
} }
if (networkAgent.lastValidated) {
networkAgent.networkCapabilities.addCapability(NET_CAPABILITY_VALIDATED);
// There's no need to remove the capability if we think the network is unvalidated,
// because NetworkAgents don't set the validated capability.
}
rematchAllNetworksAndRequests(networkAgent, networkAgent.getCurrentScore()); rematchAllNetworksAndRequests(networkAgent, networkAgent.getCurrentScore());
notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_CAP_CHANGED); notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_CAP_CHANGED);
} }