As API review feedback, setting allowed on restricted networks
should be by uid instead of package name for security reason.
Thus, update the getter/setter to return/accept set of uids.
Bug: 188085693
Test: atest FrameworksNetTests
Ignore-AOSP-First: Needs cherry-picks
Change-Id: I979bf98075e6c9c0ed7e891582843fddb62643cb
This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
Merged-In: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
(cherry picked from commit f3d0fc49db)
When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Merged-In: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
(cherry picked from commit 10ba4b773b)
When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
Stop reading legacy resources as fallback, and only use resources in
ServiceConnectivityResources.
Bug: 185850634
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: I224f1ef9a1a8d6e636c7e9550845ab3e1394d7f3
The resources are only read by NetworkStack through their respective
ApfCapabilities SystemApi methods.
As the resources are being migrated out of frameworks/base resources
anyway, move them directly to NetworkStack instead of moving them to
ServiceConnectivityResources.
Also test that the framework resources are not overlaid or modified.
This should avoid OEM integration errors where the overlays are kept as
in R, without overlaying the resource in the NetworkStack package.
Bug: 185850634
Test: atest CtsNetTestCases
BYPASS_INCLUSIVE_LANGUAGE_REASON=Need to mention legacy APIs
Merged-In: I7a15ddcad5af11fa307d9dbe3a77b31a1179e5b3
(clean cherry-pick)
Change-Id: I7a15ddcad5af11fa307d9dbe3a77b31a1179e5b3
Let PermissionMonitor read APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting and grant netd system permission to uids whose package
name is listed in setting.
Bug: 185149952
Test: atest FrameworksNetTests
Merged-In: I856b545c0339a262abbe9d432cfda125bc82dc12
(clean cherry-pick)
Change-Id: I856b545c0339a262abbe9d432cfda125bc82dc12
Currently, unprivileged apps can call getAllNetworks() to see
all networks on the system, even networks that do not apply to
them. Allow them to do this via NetworkCallbacks as well.
This is the last piece of information that was only available
through getAllNetworks, so this CL deprecates that API.
Bug: 187921303
Test: new unit tests
Test: CTS test in other CL in topic
Change-Id: I30f1021927d3c8eae6525116c61ff4a4acecff6d
This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
Merged-In: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
This is declared in the API surface, but the implementation
does not match.
Ignore-AOSP-First: Needs cherry-picks
Test: atest CtsNetTestCases:android.net.cts.ConnectivityManagerTest#testGetAllNetworkStateSnapshots
Bug: 188140631
Change-Id: I97aa69651461ebe5c323ec669372f9a61b84e6a6
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
PermissionMonitor register APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting observer to listen setting changed callback. Then update
or revoke permission for those apps.
Bug: 185149952
Test: atest FrameworksNetTests
Change-Id: I4b6a21bd3f47b7bcaac36fcabf1202a5a84a4520
Let PermissionMonitor read APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting and grant netd system permission to uids whose package
name is listed in setting.
Bug: 185149952
Test: atest FrameworksNetTests
Change-Id: I856b545c0339a262abbe9d432cfda125bc82dc12
Yielding cell wins to exiting wifi (whether good or bad).
It loses to bad wifi that's not exiting.
In R, yielding to bad wifi only affects wifis that are
unvalidated, but a wifi that is exiting should still be
dropped in favor of a cell that yields to bad wifi.
I had misunderstood the policy and implemented it wrong.
Now it's implemented right, and has careful tests.
Test: new tests for this
Bug: 186458024
Change-Id: Ib8637100d491e72a2edb837584ce55b7dda58524
