Existing NetworkCallback users will get NetworkCapabilities with
location sensitive data removed (except for ownerUid which will be
added for existing apps for backwards compatibility). Apps
have to opt-in to receive location sensitive data.
Note: This was chosen because WifiInfo is the only TransportInfo tha
has location sensitive info & that was added only in Android 12. If we
choose to default to true, all existings apps retrieving
NetworkCapabilities for wifi networks will be blamed for location access
unnecessarily.
Changes:
i) Add a flag in NetworkCallback creation to retrieve
NetworkCapabilities with location sensitive info in their callback.
(More flags are being planned for NetworkCallback for throttling
callback frequency, etc)
ii) For NetworkCapabilities.getOwnerUid(), we will continue to send the
data for apps targeting older SDK (since this is an existing field and
the new flag defaults location sensitive data to off).
Bug: 156867433
Test: atest android.net
Test: atest com.android.server
Change-Id: If70b5ea6f5c8885f0c353c8df08a826d55fe7f7a
- Add a new API to get the network ID range of IPSec tunnel
interface.
- Use the new API in IpSecServiceTest to make sure the result is
the same. Follow-up commit will change the logic in
IpSecService#reserveNetId(), the modified test can ensure the
correctness of the new change.
Bug: 172183305
Test: atest FrameworksNetTests:IpSecServiceTest
Change-Id: Ic605e48941fc9d6482cdcd01a8adcdc9b6d586a6
Preconditions.checkNotNull is deprecated to be replaced by
Objects.requireNonNull, and other methods can easily be replaced by
inline checks.
Preconditions is an internal API class that should not be used by
unbundled jars.
Bug: 177046265
Test: m
Change-Id: If14a75439ff332c927dc4114ae0eecb89f53c6c7
INVALID_RESOURCE_ID is a hidden API so its usage should be avoided.
The current usage is for an unused parameter, so just use a literal instead.
Bug: 182451544
Change-Id: I066d9c34f735434adee4ee72e8a7fe1ceb900c3c
Test: m
Currently, ConnectivityService has getAllNetworkState but it is
not ideal to expose as system API since the plan is to get rid
of NetworkState. Thus, create a new one that returns
NetworkStateSnapshot to fulfill the needs.
Note the original getAllNetworkState cannot be deleted now since
it has @UnsupportedAppUsage annotation.
Test: atest FrameworksNetTests
Bug: 174123988
Change-Id: Icddd434552b0e9ecbc8299e7242ec88cf3145aca
Connectivity is becoming a mainline module in S and
ConnectivityManager#enforceChangePermission is using
Settings#checkAndNoteChangeNetworkStateOperation for performing a
strict and comprehensive check of whether a calling package is
allowed to change the state of network. However, Mainline modules
are not allowed to use non-formal APIs, fortunately CS is the
only caller of this ConnectivityManager#enforceChangePermission.
Thus, implement the Settings API on ConnectivityService and remove
the ConnectivityManager#enforceChangePermission and
Settings#checkAndNoteChangeNetworkStateOperation.
Bug: 178565313
Test: atest FrameworksNetTests
Change-Id: I6f03398c1735b89470ad5bdbe3a036929daeb53c
Merged-In: I6f03398c1735b89470ad5bdbe3a036929daeb53c
1. Stop using ConnectivityManager for VPNs in VpnDialogs.
2. Delete updateLockdownVpn, since all callers have been migrated
to calling VpnManager directly.
3. Delete the call to VpnManager in factoryReset, since the only
caller (ResetNetworkConfirm) has been updated to call into
VpnManager directly.
4. Delete getVpnManager, since it is now unused.
This reverts commit da6bc5ace2.
Reason for revert: should be safe to submit now that aosp/1596096 is merged
Bug: 173331190
Test: treehugger
Change-Id: Ife3607c024006ce4fe46c981e9742170becb6331
* changes:
[IT06]Move INetworkActivityListener into connectivity module
[IT05] Remove the unused network activity logic out from NMS
[IT4.7] Add network activity info into dumpsys for debugging
[IT4.6] Unbundle NMS out from ConnectivityManager
[IT4.5] Update radio power from CS directly
1. Stop using ConnectivityManager for VPNs in VpnDialogs.
2. Delete updateLockdownVpn, since all callers have been migrated
to calling VpnManager directly.
3. Delete the call to VpnManager in factoryReset, since the only
caller (ResetNetworkConfirm) has been updated to call into
VpnManager directly.
4. Delete getVpnManager, since it is now unused.
Test: m
Bug: 173331190
Change-Id: I5d071281c0e36f6523fea10671a9abf994c66d66
Add setHttpProxyConfiguration to the public API, and use
ConnectivityManager APIs from ActivityThread (instead of hidden APIs) to
get/set the proxy for an app process.
The default proxy is now initialized with getDefaultProxy instead of
getProxyForNetwork(null); this should not make a difference, as nothing
should have called bindProcessToNetwork at that point yet.
Bug: 174436414
Test: m; device boots
Merged-In: Ifb516194ecde1567cea4b6806946091cdcf2f015
Change-Id: I06b797eeae54609aecdc0afe1df4e6c602a17a69
INetworkActivityListener is hidden and the only usage is inside
the connectivity module. Thus, move this into module scope.
Bug: 170598012
Test: atest FrameworksNetTests
Change-Id: I0a75c440c1daa773217bbd362b212fda4d07ec64
ConnectivityService is no longer to update idle timer to NMS but
send to INetd directly after this change. Replace the API
implementation in ConnectivityManager to refer into
ConnectivityService instead of NetworkManagementService to remove
the dependency between CM and NMS for ConnectivityService mainline.
Bug: 170598012
Test: atest FrameworksNetTests
Change-Id: If0ac9a6427dba5a732a15b5d7ca1351b71b07b7b
Tethering API stubs depend on connectivity stubs for classes like
MacAddress or LinkAddress, so connectivity stubs cannot depend on
Tethering stubs or there would be a circular dependency.
This means ConnectivityManager API surface cannot reference Tethering
API constants. Instead, use the literal in ConnectivityManager.
This means that both ConnectivityManager and TetheringManager specify
the constant value. An alternative considered was to have
TetheringManager depend on the ConnectivityManager constants, but
considering that ConnectivityManager only has some of the constants,
this would be more confusing. Breaking the constants by mistake is
unlikely as their values are part of the API surface, so will always be
in sync.
Bug: 171540887
Test: m
Change-Id: I16b6e1912fffc5ff8b3b392901d2357ffd213c72
* changes:
Check registering system default callback needs NETWORK_SETTINGS.
Move VPN code from ConnectivityService to VpnManagerService.
Add a skeleton VpnManagerService, and start it on boot.
Convert LockdownVpnTracker to NetworkCallbacks.
Minor fixes to VpnTransportInfo.
Main implementation of ConnectivityService.setOemNetworkPreference. This
covers the main requirements of this method including listener
functionality.
Bug: 176495594
Bug: 177101287
Bug: 176494815
Test: atest FrameworksNetTests
atest NetworkStackTests
atest FrameworksNetIntegrationTests
atest NetworkStackIntegrationTests
atest CtsNetTestCasesLatestSdk
Change-Id: I8d318ab07785e52dd84d6261fdea8f318dce9bc5
ConnectivityService itself does not depend on mVpns or the Vpn
class any more. Most of this CL is simply moving code from one
class to another:
- Move the AIDL calls from IConnectivityManager to IVpnManager.
- Move the implementation from ConnectivityService to
the new VpnManagerService.
- Move the APIs from ConnectivityManager to VpnManager, but
temporarily maintain some shims in ConnectivityManager for the
moved calls so that existing callers do not have to be modified
in this CL.
- Update VpnService to call IVpnManager instead of
IConnectivityManager.
- Move the code that registers the VpnManager service from
ConnectivityFrameworkInitializer to SystemServiceRegistry.
Bug: 173331190
Test: atest HostsideVpnTests FrameworksNetTests CtsNetTestCases
Change-Id: I4911e2144df721a94fa00da9edf0dc372a7091c2
This will allow moving LockdownVpnTracker from the connectivity
to the VPN code. This requires moderate refactoring since it's
pretty tightly coupled to both.
In this CL:
1. Add an @hide API to tell ConnectivityService that legacy
lockdown VPN is enabled. I chose not to use the existing
setVpnRequiredForUids API because that method has specific
semantics and because it will be required long term since
it's used by non-legacy VPN types.
2. Instead of updating LockdownVpnTracker inline from the
ConnectivityService handler thread, have it listen to
NetworkCallbacks. This introduces an extra thread hop, but
most of the interactions between the lockdown VPN and CS were
via NetworkAgent, which is asynchronous anyway.
3. Add code to LegacyTypeTracker to send the extra
CONNECTIVITY_ACTION broadcast for the underlying network type
that is sent after the VPN connects. In order to do this, make
Make LockdownVpnTracker specify its underlying network
(via setUnderlyingNetworks) when it connects.
4. Reimplement LockdownVpnTracker#augmentNetworkInfo based on
information that is available in ConnectivityService.
5. Remove the code in LockdownVpnTracker that counted errors.
I think this code has not worked since lollipop, because
ConnectivityService never sees NetworkInfo objects in state
FAILED. This is because ConnectivityService only hears about
NetworkInfo objects via NetworkAgents, and LegacyVpnRunner
only registers its NetworkAgent when the connection succeeds.
Bug: 173331190
Test: passes existing tests in ConnectivityServiceTest
Change-Id: I66d18512882efd468ee0ecec61f28786a195b357
This method allows internal components to track the system
default network. This differs from registerDefaultNetworkCallback
because that method sends callbacks for the default network for
the UID that called it. This may not be the system default
network, for example, when a VPN is up and applies to the UID.
Bug: 173331190
Test: new unit tests in ConnectivityServiceTest
Test: new unit tests in ConnectivityManagerTest
Test: new CTS tests in ConnectivityServiceTest
Test: new CTS tests in HostsideVpnTests in other CL in this topic
Change-Id: Id02748a2183f71b71ff2a53a580466b9dcecaa93
Not currently setting the atttribution tag for location
permission checks. Plumb the attribution tag for all location permision
checks (so that location access is correctly attributed to individual
components within an app)
Bug: 162602799
Test: atest android.net
Test: atest com.android.server
Change-Id: Iee95f05204f51a4f8cb1f36acfb60e8cdeb156f4
Nothing on the system is using registerNetworkFactory,
unregisterNetworkFactory at the moment.
registerNetworkFactory, unregisterNetworkFactory are protected by
signature permissions, so could not be used by anything outside of the
system.
Remove the two methods and the underlying support for this legacy,
deprecated mechanism.
Bug: 179229316
Test: atest FrameworksNetTests
Change-Id: I7cdc9eed67f846c8774474af038133040aeccab3
As connectivity services are planned to move to a separate module, move
the manager classes registration from SystemServiceRegistry to
ConnectivityServicesRegistrar, using the registerContextAwareService
APIs.
This follows patterns and naming in WifiFrameworkInitializer.
Bug: 171540887
Test: device boots, connectivity working
Change-Id: I62ced1275750c73f209bac8ec3a3204b95695b83
Files that are planned to be part of the connectivity module are grouped
in packages/Connectivity, so they can be built separately and moved in
one operation with their history into packages/modules/Connectivity.
This places the files in the existing framework-connectivity-sources
filegroup instead of the current framework-core-sources filegroup. Both
are used the same way in framework-non-updatable-sources.
Bug: 171540887
Test: m
Change-Id: I62d9d91574ace6f5c4624035d190260c3126b91e
