Apps with PACKAGE_USAGE_STATS app op or READ_NETWORK_USAGE_HISTORY
granted can query the summarized device data usage (but not individual
uids running in other users or profiles).
Bug:26677052
Change-Id: Id51631638f338a8cf48172c9b41746228a335084
Whether a network is deemed roaming or not was already being tracked
as part of the NetworkIdentitySet, so the underlying data store
already tracks roaming and native data separately. However, this data
was being aggregated together in NetworkStatsCollection#getSummary,
since the NetworkIdentitySet is converted to an iface name for the
purposes of matching, and the iface name will be identical whether or
not the iface is considered roaming. Now it is separated.
Also fixes a long-standing bug in NetworkIdentitySet where an identity
read from a saved file would always be considered roaming == false,
even if it wasn't at the time it was written.
Bug: 25813438
Change-Id: I11ab5b51182ed8da7af8fde468df065f9fdc3dad
These are analagous to the state buckets for tracking whether usage is
incurred while the app is in the foreground or background. We will
additionally track whether data usage is incurred over a metered or
unmetered network, and whether it is incurred over a roaming or native
network.
The APIs are not implemented in this CL; the existing buckets are
still returned with METERING_ALL and ROAMING_ALL to indicate that this
is not yet being tracked.
Bug: 25813438
Bug: 25813958
Change-Id: I76dd3dd063ed28ef5579ca3a978570532e7836bc
Currently, access to network usage history and statistics requires a
signature|privileged permission, an AppOps bit (associated with the
PACKAGE_USAGE_STATS permission), or device/profile ownership. Once
access is granted via one of these mechanisms, it generally applies to
any UID running in the same user as the caller.
This CL expands access as follows:
-Any app can access its own usage history with no extra requirements.
-Carrier-privileged applications can access usage history for the
entire device.
-Device owners can access per-UID breakdowns for usage. Previously
they could access the summary for the whole device, but not the
individual breakdowns.
We simplify the permission model by defining three access levels -
DEFAULT (own app only), USER (all apps in the same user), and DEVICE
(all apps on the device), and propagate these levels throughout.
Finally, this CL fixes an apparent bug in
NetworkStatsSerice#hasAppOpsPermissions - if the AppOp bit was in
MODE_DEFAULT, hasAppOpsPermission would always return false instead of
falling back to the PackageManager permission check.
Bug: 25812859
Bug: 25813856
Change-Id: Ic96e0776e2a4215a400163872acea1ededfaced9
As a matter of policy, we should never be holding the mPackages lock
while calling down into installd. This little bit of logic helps us
catch accidental cases where this happens.
Change-Id: I676c81df43ef936ffd36290d45a79429630c1b4b
The current MountService design heavily depends on down-callers not
holding any locks, since the vast majority of events are unsolicited
and bubble up to the framework.
This simple API gives us an easy way to track down people calling
while holding a lock they shouldn't be.
Bug: 25443096
Change-Id: Ifcbda95f00d5be8c1b88d58ca67927e76c713c3e
In rare cases, we might have created a network policy before an IMSI
was available. Because this policy is persisted, and we incorrectly
think that it always applies, we end up annoying the user when data
usage goes over the 2GB default warning threshold.
This patch fixes the network matching logic to ignore these empty
network policies when present.
Bug: 24972775
Change-Id: Id26499b6716121dddf0f2c05b848b0bed5995e72
Sadly MediaProvider makes a ton of assumptions about storage paths
not changing. To ensure that it picks up radical storage changes,
kill it and let it restart to pick up new paths.
Also give ourselves a longer timeout when benchmarking.
Bug: 20275423
Change-Id: I9971c4667dabdc685cb23528443f085f152c461d
If a volume benchmark operation times out, we don't want to show
a cryptic toast message. Instead, we return a very large integer
[eg Long.MAX_INT]. The storage wizard can then use this value
to show an appropriate dialog if it chooses.
Bug: 21376364
Change-Id: I3d97336e19c93511cfff2cbdb2f07ab033a1143d
Per UX, default strings should have space between value and units
resulting in "12.3 GB". Add a formatting variant that returns the
various components for callers who want to build their own strings.
For now there is only one mounted emulated volume at a time, and
it's always the primary storage, so give it the default rootId to
keep old Uris working.
Change-Id: Ifcc72a91a6b397ee65dc92642153286186eb64ac
This CL mostly affects Settings app as it can run in a user different
than UserHandle.OWNER. Since it is a system app it should have access
to all uid's data usage, regardless of which user it is currently running
in.
Bug: 19967498
Change-Id: I4a7787134d998457f7e2a1029183d44d9584083e
Storage devices are no longer hard-coded, and instead bubble up from
whatever Disk and VolumeBase that vold uncovered, turning into
sibling Java objects in MountService. We now treat vold events as
the source-of-truth for state, and synchronize our state by asking
vold to "reset" whenever we reconnect.
We've now moved to a model where all storage devices are mounted in
the root mount namespace (user boundaries protected with GIDs), so
we no longer need app-to-vold path translation. This also means that
zygote only needs to bind mount the user-specific /mnt/user/n/ path
onto /storage/self/ to make legacy paths like /sdcard work. This
grealy simplifies a lot of system code.
Many parts of the platform depend on a primary storage device always
being present, so we hack together a stub StorageVolume when vold
doesn't have a volume ready yet.
StorageVolume isn't really a volume anymore; it's the user-specific
view onto a volume, so MountService now filters and builds them
based on the calling user. StorageVolume is now immutable, making
it easier to reason about.
Environment now builds all of its paths dynamically based on active
volumes. Adds utility methods to turn int types and flags into
user-readable strings for debugging purposes.
Remove UMS sharing support for now, since no current devices support
it; MTP is the recommended solution going forward because it offers
better multi-user support.
Simplify unmount logic, since vold will now gladly trigger EJECTING
broadcast and kill stubborn processes.
Bug: 19993667
Change-Id: I9842280e61974c91bae15d764e386969aedcd338
Create two special SETs.
SET_DBG_VPN_IN is used by individual applications to know
how much traffic of the NetworkIdentity was actually moved
from a VPN app.
SET_DBG_VPN_OUT is used by the VPN app to know how much
traffic of the NetworkIdentity was deducted.
A debug application can restore the raw stats by these
entries.
raw_traffic = recorded_entry (TAG_NONE, SET_ALL)
+ recorded_entry (TAG_NONE, SET_DBF_VPN_OUT)
- recorded_entry (TAG_NONE, SET_DBF_VPN_IN)
The two debug SETs are not returned by
NetworkStatsService.openSession(). These debug entries are
retrieved by NetworkStatsCollection.dump().
Bug: 19536273
Change-Id: I03ef9f7667f5f2f48cbe3f6b11447fe7ead8ad3b
Added new API consisting of android.app.usage.NetworkUsageManager and
android.app.usage.NetworkUsageStats. Through them data usage on a
network interface can be programmatically queried. Both summary and
details are available.
Bug: 19208876
Change-Id: I0e0c4b37ae23ad1e589d4b0c955b93f28ba4333e
* Creates a new Parcelable class VpnInfo to hold required
parameters for VPN stats adjustments.
* ConnectivityService to collect infomation and provide
a list of VpnInfo, one for each user.
* NetworkStatsService passes the VpnInfo array to
NetworkStatsRecorder.
* NetworkStatsRecorder calls NetworkStats.migrateTun()
to do the math.
* Poll NetworkStats when the vpn application calls
setUnderlyingNetworks().
Bug: 19536273
Change-Id: I7a4c7726b8243fead10416f7ec6eb5cf95f20183
Create a new method to migrate underlying network traffic
from VPN app to other apps.
Bug: 19536273
Change-Id: I3434cad361592e26b01225edf8012f7b16afc98f
Connectivity broadcasts recently changed and are no longer sent for
certain types of network changes. For example, when stacked network
interfaces change for a mobile network. To ensure that we pick up
all these details, directly wire the two services together.
Also remove some unused code for split network types.
Bug: 18666753
Change-Id: I0467bd5b330c0e0cb51af2306d821b41ad16337a
There are some cases where multiple subscriber identities (IMSI)
should be treated as "merged together" from a data usage
perspective. This is done by extending the template used for
matching purposes to support multiple subscribers.
Then, when we query historical usage or set network policies, we
normalize the matching template to merge to any other identities
that should be included. When normalizing, the "lowest" identity
is always used for equality and storage purposes, which allows
identities to come and go over time.
This change also fixes data usage recording for multi-SIM devices
by passing along the concrete subscriber identity for each network
interface. Also correctly create default policies for multi-SIM
devices. This change also drops setPolicyDataEnable() until it can
be wired up to the right underlying NetworkAgent. (This means we
still bring up the network, and then rely on iptables rules to block
traffic when over the limit, instead of proactively disabling the
connection.)
Bug: 18012787
Change-Id: If6acf32009fdfea2b836f5aff8e2f3e5e0248b4a
* commit '1056d5a997e3f30230e1e4316310586dd15a4600':
Add mechanism for securely returning parameters though NativeDaemonConnector
Revert "DO NOT MERGE: Don't log passwords returned from vdc"
