Updating the automotive allowed UIDs check to only work if the
capabilities have a single transport equal to ethernet.
Bug: 229419469
Test: atest FrameworksNetTests
Change-Id: I91e987d6b943a3c5986ab88553a6eef0d479b079
This includes:
1. Provide NetworkStatsRecorder#importCollectionLocked to
allow caller to write a NetworkStatsCollection object to
a standalone file.
2. Do not clear the collection in NetworkStatsRecorder#
CombiningRewriter, this is safe since pending set will
still be cleared during forcePersistLocked.
3. Implement the migration process, including recovery and
safety measures.
Test: NetworkStatsServiceTest NetworkStatsCollectionTest
Test: manual test with
adb shell device_config put tethering \
netstats_store_files_in_apexdata true
adb shell device_config put tethering \
netstats_import_legacy_target_attempts 1
Ignore-AOSP-First: in a topic with internal-only changes
Bug: 230289468
Change-Id: Ic2002cbfd5a6b3c2226fa8dab22481f8ce656574
This implements a simple integer written to disk backed by
AtomicFile.
Bug: 230289468
Test: new unit test
Ignore-AOSP-First: in a topic with internal-only changes
Change-Id: I1c73c8ac2429f92153cfba3b006b4374e75e65df
After turning off the ethernet settings via api, the ethernet service
can still be started when plugging-in the cable. Improve the api by
ignoring the upcoming interface unsolicited event listener callbacks
and register new interface observer once the ethernet setting is enabled
again.
Bug: 231933028
Test: atest testListenEthernetStateChange_unsolicitedEventListener
Change-Id: I1b1cb7d157f023fca82d75592168bd360a6fa6e1
Allow ethernet factories on automotive devices to set the allowed UIDs
on NetworkCapabilities.
Bug: 229419469
Test: atest FrameworksNetTests
Change-Id: I03e7cda75f1c530e0d0e4a756330bc9847a96668
Currently, even when VPN Lockdown mode is enabled, incoming packets are
not dropped if VPN is not connected.
This commit fixed this issue.
After this commit, If VPN Lockdown mode is enabled, incoming packets
are dropped regardless of the VPN connectivity.
Bug: 206482423
Test: atest TrafficControllerTest ConnectivityServiceTest PermissionMonitorTest
Change-Id: If52ece613c8aac1073355e43b6fb9cb3fcc87d1d
This is needed to ensure corrupted data can be clean up if
the data migration process dones't go well.
Test: NetworkStatsCollectionTest
Bug: 197717846
Change-Id: Ic76ad6f3e96f03791b48988fb2622c9c647ffc7c
(cherry picked from commit 306a00316c)
Merged-In: Ic76ad6f3e96f03791b48988fb2622c9c647ffc7c
This is a follow-up commit from aosp/2076483. Mainly to update:
1. Update the hex string to human understandable code instead of
byte code.
2. Use IgnoreUpTo() to do the SDK check
3. Avoid relying on the code being tested
Bug: 192078259
Test: atest FrameworksNetTests
Change-Id: I8973d248a1d30fdcb597677dbf051e146041f905
(cherry picked from commit a023f88193)
Merged-In: I8973d248a1d30fdcb597677dbf051e146041f905
* changes:
Catch new exceptions from BpfMap
Revert "Open and close clat bpf map while clat is starting and stoping"
Revert "ClatCoordinator: replace BpfMap with IBpfMap"
VPN configurations in T should automatically include the corresponding
SDK sandbox UID of an application.
The existing tests used a UID range outside the regular application
range, which means the new sandbox UIDs wouldn't be tested. Modified the
UIDs to run in the regular UID range of [10000, 19999]. Changed the
tests to include the SDK sandbox UID where necessary.
Also, changed the entire class to only run on T+, since that is the only
place where the SDK sandbox UIDs will be added. Since VPN code is not
mainline updatable, having coverage on earlier releases doesn't really
help anyway.
Finally, fixed up testNetworkBlockedStatusAlwaysOnVpn() in
ConnectivityServiceTest, and only have that run on T+ for the same
reasons.
Bug: 225317905
Test: atest VpnTest
Test: atest ConnectivityServiceTest
Change-Id: I83009344c270e520ac8ad1558c067cf7e46b1d2e
Merged-In: I83009344c270e520ac8ad1558c067cf7e46b1d2e
This is needed to ensure corrupted data can be clean up if
the data migration process dones't go well.
Test: NetworkStatsCollectionTest
Bug: 197717846
Change-Id: Ic76ad6f3e96f03791b48988fb2622c9c647ffc7c
VPN configurations in T should automatically include the corresponding
SDK sandbox UID of an application.
The existing tests used a UID range outside the regular application
range, which means the new sandbox UIDs wouldn't be tested. Modified the
UIDs to run in the regular UID range of [10000, 19999]. Changed the
tests to include the SDK sandbox UID where necessary.
Also, changed the entire class to only run on T+, since that is the only
place where the SDK sandbox UIDs will be added. Since VPN code is not
mainline updatable, having coverage on earlier releases doesn't really
help anyway.
Finally, fixed up testNetworkBlockedStatusAlwaysOnVpn() in
ConnectivityServiceTest to include the sandbox UIDs as well.
Bug: 225317905
Test: atest VpnTest
Test: atest ConnectivityServiceTest
Change-Id: I83009344c270e520ac8ad1558c067cf7e46b1d2e
This is a follow-up commit from aosp/2076483. Mainly to update:
1. Update the hex string to human understandable code instead of
byte code.
2. Use IgnoreUpTo() to do the SDK check
3. Avoid relying on the code being tested
Bug: 192078259
Test: atest FrameworksNetTests
Change-Id: I8973d248a1d30fdcb597677dbf051e146041f905
Currently, there is no limtation for an app to request
data usage callback, which is dangerous if the app fire
hundreds of thousands requests and potientially this might
cause OOM if the apps don't free them.
Test: atest NetworkStatsObserversTest#testRegister_limit
Bug: 229103088
Change-Id: I8299f46fd47a82ec9b25ba2e0d3c95db5512c331
1) alowFallback flag was incorrectly not reset while setting profile
preference. Corrected it.
2) Threw exception if default preference and enterprise preference are
set together
3) renamed clearUser to withoutUser
Bug: 231670730
Test: ConnectivityServiceTest
Change-Id: If92ebe0cc23f18c8808893926d5e1d12ff2e3650
Merged-In: Iaf49237bdc791c7e1dd884d069eff64e74757477
Normally if an app calls requestNetwork with capabilities that it
does not have permission to request, it gets a SecurityException,
except if it requests NET_CAPABILITY_CBS, in which case the request
will not throw but the app will get an onUnavailable callback.
Make this codepath throw as well. This simplifies the code and makes
the app-visible behaviour more consistent (and consistent with what
happens in S and below). The reason the code was written this way is because the carrier privilege app should receive a callback if it
loses permission. But onUnavailable is also not the best callback to
send, since it is used very rarely and also releases the app's
request. It seems better to leave the request registered and send
onLost.
Test: atest FrameworksNetTests
Bug: 194332512
Change-Id: I5eaeb415a6654851246e38599a996fbd9366fde0
(cherry picked from commit 96bd9fe4de)
Merged-In: I5eaeb415a6654851246e38599a996fbd9366fde0
1) alowFallback flag was incorrectly not reset while setting profile
preference. Corrected it.
2) Threw exception if default preference and enterprise preference are
set together
3) renamed clearUser to withoutUser
Bug: 231670730
Test: ConnectivityServiceTest
Change-Id: Iaf49237bdc791c7e1dd884d069eff64e74757477
Normally if an app calls requestNetwork with capabilities that it
does not have permission to request, it gets a SecurityException,
except if it requests NET_CAPABILITY_CBS, in which case the request
will not throw but the app will get an onUnavailable callback.
Make this codepath throw as well. This simplifies the code and makes
the app-visible behaviour more consistent (and consistent with what
happens in S and below). The reason the code was written this way is because the carrier privilege app should receive a callback if it
loses permission. But onUnavailable is also not the best callback to
send, since it is used very rarely and also releases the app's
request. It seems better to leave the request registered and send
onLost.
Test: atest FrameworksNetTests
Bug: 194332512
Change-Id: I5eaeb415a6654851246e38599a996fbd9366fde0
In order to have better logging to gather information
about the callers. This change includes:
1. Add pid and package name into RequestInfo for better logging.
2. Print current observers in dumpsys section.
3. Enable register/unregister usage request logging by default.
The log added in the dumpsys section looks like:
Stats Observers:
RequestInfo from pid/uid:2001/1000(android) for DataUsageRequest [...] accessLevel:3
...
Test: NetworkStatsObserversTest
Bug: 229103088
Change-Id: Ide68776dc279610e8dee0efd924b59a1fac2b7b6
(cherry picked from commit c259e615e6)
Merged-In: Ide68776dc279610e8dee0efd924b59a1fac2b7b6
Multiple enterprise slice can be setup within single user profile based
on different uids. So do not remove profile network preference with same
user profile but with different uids
Bug: 229644102
Test: manual system test and ConnectivityServciceTest
Change-Id: I897b643e01240958fff575de9e15182069efc698
(cherry picked from commit 9cc129f37d)
Merged-In: I897b643e01240958fff575de9e15182069efc698
1. Test that adding a new preference replaces the existing preference.
2. Test that if we pass in two simultaneous preferences for the same user.
(e.g., two different groups of apps), the second overrides the first.
Bug: 229644102
Test: ConnectivityServciceTest
Change-Id: I819247711f8457b12792585216ff47be31457ae8
(cherry picked from commit 95e02c5d5a)
Merged-In: I819247711f8457b12792585216ff47be31457ae8
