If IOException happens while trying to start keepalives sockets,
an invalid fd will be constructed. It will fail with
ERROR_INVALID_SOCKET if the user later calls start(). Current
design to construct the invalid fd use the hidden
ParcelFileDescriptor constructor which will not work for the
incoming ConnectivityService mainline. Thus, replace it with
the other formal API.
Bug: 170598012
Test: atest FrameworksNetTests
Change-Id: I57fd7ec2281c5e8c75481200bbde723ecf96982a
Connectivity mainline module cannot use hidden API so
replace Slog with Log which is a public API.
Test: FrameworksNetTests
Change-Id: I8758079cf635ff4ab218df53c0f7bf6fc23ce476
Revert "WifiLocationTest: Add test for Wifi TransportInfo"
Revert "WifiInfo: Embed location sensitive TransportInfo"
Revert submission 13274595
Reason for revert: DroidMonitor: Potential culprit for Bug 177390648 - verifying through Forrest before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.
Reverted Changes:
Ibcf0c6711:WifiInfo: Embed location sensitive TransportInfo
Ic68546e2a:WifiService: Use WifiInfo for masking
Ie522d8c75:NetworkCapabilities: Embed location senstive Trans...
Iaf0fef999:WifiLocationTest: Add test for Wifi TransportInfo
I017de6d4c:ClientModeImpl: Fill info elements for connected b...
I384c9321e:WifiInfo: Add info elements for connected bssid
Change-Id: I4e96850b96dc5ea71d9bb6af2ff17343b8d09d68
Generally, a manager class in Android is used to access
system services and it should be obtained from Context.
This class is a bit different from the definition of a
manager class.
API linter will detect an error if trying to expose a
class name end with Manager. ProxyTracker will create a
new instance of this class so this class needs to be
renamed to avoid API lint error.
Bug: 177035719
Test: FrameworksNetTests
Change-Id: I9185d4fb4342bd285a575f0bdd3518b758f37eb6
Add new capability to indicate whether a network is
managed by Virtual Carrier Network (VCN). This is needed
to identify networks between VCN managed network and
others. And this capability will be:
1. mutable
2. requestable
3. set by default for network agents and requests
4. allowed for test networks
Test: 1. atest FrameworksNetTests CtsNetTestCases
2. adb shell dumpsys connectivity
3. atest ConnectivityServiceTest#testLoseMutableAndRequestableCaps
Bug: 175662146
Change-Id: Ia5eeb3912a687164fa95d7ba5516fd73abca79ba
Changes:
i) Add a new constructor for NetworkCapabilities which accepts whether
location sensitive fields need to be parceled or not. Defalts to false
on the other constructor. This boolean should only be set on the copy of
NetworkCapabilities when sent to apps that hold location permission.
(Similar to how sensitive fields are handled in LinkProperties)
ii) Add a new makeCopy() method in the TransportInfo interface which
accepts whether location sensitive fields need to be parceled or not.
iii) Migrate the existing NetworkCapabilities owner UID masking to use
this new mechanism (instead of existing masking in ConnectivityService).
iv) Always set parcelLocationSensitiveFields to true in the NetworkAgent
surface (since that is a privileged surface from the transports to the
connectivity service)
v) Add a hasSensitiveFields() in TransportInfo interface to avoid
perfoming location permission checks for location insensitive
TrasnsportInfo.
Also, migrate to the new SdkLevel util for isAtLeastR() & isAtLeastS()
checks.
Bug: 162602799
Test: atest android.net
Test: atest com.android.server
Change-Id: Ie522d8c75a82ae521ccfd5165823d0c72642e651
Merged-In: Ie522d8c75a82ae521ccfd5165823d0c72642e651
Currently, ConnectivityService decides the request type by
whether NetworkCapabilities is null when handling request
network. However, to fulfill the need of firing background
request via ConnectivityManager in the follow-up patches,
the request type is needed to pass into ConnectivityService.
This change also make ConnectivityService utilizes the passed
request type.
Test: atest ConnectivityManagerTest#testRequestType
Bug: 175662146
Change-Id: I3bc172bca1217c8020db45057a621d0745d43b3c
Extend CaptivePortalData with a member to hold the venue friendly
name. If CaptivePortalData is initialized by both the network
agent and Capport, merge the two objects to include the venue
friendly name and prioritize the venue URL from the network
agent.
Bug: 162783305
Test: atest ConnectivityServiceTest
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest
Test: End-to-end test
Change-Id: I4fdf356be42237c5b6c0ae5bacfd3cec4726861b
This reverts commit b36c519c4c.
Reason for revert: After discussion, we prefer to add a field in NetworkCapabilities instead. Sorry for inconvenience.
Change-Id: I2e8840a797df9d1594f2b8b576bcd45beb184fca
Changes:
i) Add a new constructor for NetworkCapabilities which accepts whether
location sensitive fields need to be parceled or not. Defalts to false
on the other constructor. This boolean should only be set on the copy of
NetworkCapabilities when sent to apps that hold location permission.
(Similar to how sensitive fields are handled in LinkProperties)
ii) Add a new makeCopy() method in the TransportInfo interface which
accepts whether location sensitive fields need to be parceled or not.
iii) Migrate the existing NetworkCapabilities owner UID masking to use
this new mechanism (instead of existing masking in ConnectivityService).
iv) Always set parcelLocationSensitiveFields to true in the NetworkAgent
surface (since that is a privileged surface from the transports to the
connectivity service)
v) Add a hasSensitiveFields() in TransportInfo interface to avoid
perfoming location permission checks for location insensitive
TrasnsportInfo.
Also, migrate to the new SdkLevel util for isAtLeastR() & isAtLeastS()
checks.
Bug: 162602799
Test: atest android.net
Test: atest com.android.server
Change-Id: Ie522d8c75a82ae521ccfd5165823d0c72642e651
Currently, when an always-on VPN is set in lockdown mode, Vpn
configures prohibit UID rules in netd directly and does not
inform ConnectivityService of the fact.
This means that ConnectivityService cannot send NetworkCallbacks
that tells apps that they are blocked or unblocked. It also means
that ConnectivityService has to take the mVpns lock and call into
Vpn to allow synchronous APIs such as getActiveNetwork to return
BLOCKED if the app is blocked.
Move all this to ConnectivityService:
- Add a setRequireVpnForUids API to ConnectivityManager, and have
that pass the routing rules to netd.
- Update VpnTest to expect calls to ConnectivityManager instead
of to netd.
- Whenever setRequireVpnForUids is called, ensure that
ConnectivityService sends onBlockedStatusChanged to the
affected callbacks.
- Update existing unit tests to check for callbacks.
- Add a way to find the VPN that applies to a given UID without
taking the VPN lock, by instead scanning all connected VPNs.
Use this as a replacement for direct access to mVpns.
For simplicity, and in order to ensure proper ordering between
the NetworkCallbacks sent for VPNs connecting and disconnecting,
process blocked UID ranges on the handler thread. This means that
when setRequireVpnForUids returns, the rule changes might not
have been applied. This shouldn't impact apps using network
connectivity, but it might mean that apps setting an always-on
package, and then immediately checking whether networking is
blocked, will see a behaviour change.
Bug: 173331190
Fix: 175670887
Test: new test coverage in ConnectivityServiceTest
Test: atest MixedDeviceOwnerTest#testAlwaysOnVpn \
MixedDeviceOwnerTest#testAlwaysOnVpnLockDown \
MixedDeviceOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedDeviceOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedDeviceOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedDeviceOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedDeviceOwnerTest#testAlwaysOnVpnPackageLogged \
MixedProfileOwnerTest#testAlwaysOnVpn \
MixedProfileOwnerTest#testAlwaysOnVpnLockDown \
MixedProfileOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedProfileOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedProfileOwnerTest#testAlwaysOnVpnPackageLogged \
MixedManagedProfileOwnerTest#testAlwaysOnVpn \
MixedManagedProfileOwnerTest#testAlwaysOnVpnLockDown \
MixedManagedProfileOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedManagedProfileOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedManagedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedManagedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedManagedProfileOwnerTest#testAlwaysOnVpnPackageLogged
Test: atest FrameworksNetTests HostsideVpnTests \
CtsNetTestCases:VpnServiceTest \
CtsNetTestCases:Ikev2VpnTest
Change-Id: Iaca8a7cc343aef52706cff62a7735f338cb1b772
In order to support ConnectivityService mainline, module should
not use hidden APIs. The logic to get mobile provision is moved
to telephony surface since it's only used by telephony.
Hence, remove the design out from Connectivity.
Bug: 175177794
Test: atest FrameworksNetTests
Change-Id: Ic3082fc1c4d7ac998f4e4cff1351e6829d500924
Currently, LingerTimer takes a NetworkRequest for internal use.
However, this is unnecessary since only request Id is used.
Thus, this patch allows subsequent patches to remove the need
of a NetworkRequest when creating a LingerTimer. And the output
of lingered requests is reduced to id instead of printing
content of requests.
Test: atest FrameworksNetTests
Bug: 175180558
Change-Id: I9106d0804f1083942e1fcaca842f547c0aee1840
The wifi (mainline module) need to set the subscriberId for specific
wifi network.
Bug: 176396812
Test: TreeHugger
Change-Id: Ie97d3dad81c87d41a360558e91c83278595ff475
