The gnss@2.0 HAL and the framework GNSS Location Provider code is
updated in Q to not call the deprecated requestRouteToHost() method.
However, devices upgrading to Q which are still using gnss@1.1 or
earlier HAL must continued to be supported.
Fixes: 121222025
Test: Tested with gnss@1.1 HAL and first API level P. The
ConnectivityService log message "This method exists only for
app backwards compatibility and must not be called by system
services" is not present for devices with first API level P.
Change-Id: I10199776ea413dc256dbf0771e6cb3eedb334495
NetdService#getInstance() will get null object in
WrappedConnectivityService constructor. Then pass this null
INetd object to PermissionMonitor will case NPE in
PermissionMonitor#sendPackagePermissionsToNetd()
Bug: None
Test: atest FrameworksNetTests
Change-Id: Ia1c80f9600a19c4aaf3f3c1b497b355d96c49c8e
NetworkMonitor cannot do the private dns resolution due to lack
"mNetworkCapabilities". ConnectivityService will call
NetworkStackService#notifyPrivateDnsChanged() before doing
network validation. After NetworkMonitor received
CMD_PRIVATE_DNS_SETTINGS_CHANGED, it will call
isValidationRequired to check if the validation is required.
But mNetworkCapabilities didn't be set, so the
mPrivateDnsProviderHostname will be set to empty and make
EvaluatingPrivateDnsState doesn't do private dns resolution.
Bug: 129375892
Test: 1. Build pass
2. atest FrameworksNetTests
3. atest NetworkStackTests
Change-Id: I637212fb4746bb2e9a2f4a4457fd36c4c2701149
The kernel eBPF maps have a blacklist to store all the uids that doesn't
have internet permission. When an app is unintalled from the device and
it is the last package on device that uses that uid, make sure we
cleaned the uid from the map and do not add no longer used uids into the
eBPF map. This action helps reduce the number of entries stored in the
map and reduce the chance of overflow the eBPF map.
Bug: 128944261
Test: PermissionMonitorTest
Change-Id: I10dd0113d00d6cf9ca39902d9721f2591d387d4a
Add more tests to PermissionMonitor to verify the functionality related
to INTERNET permission and UPDATE_DEVIE_STATS permission. Modified some
of the class design of PermissionMonitor so that it is easier to test
the new functionalities.
Bug: 111560570
Test: PermissionMonitorTest
Change-Id: Ic5585f337db5de48e2f87bf4f01ed7d85c349827
- Restrict unprivileged apps to use
NetworkRequest.Builder#setSignalStrength.
- Remove the "throws NullPointerException" in
CaptivePortalProbeSpec constructor.
- Remove the null check in LinkProperties.
- Add annotataion into all ConnectivityManager.NetworkCallback
methods.
Change-Id: Id275cac1d6a30d7515cd7b113394f5e8a0179314
Fix: 129097486
Test: atest FrameworksNetTests
Currently, onStopped callback are synchronizely triggered when
stop() was called, since the framework don't really care
about the result of stopping keepalive.
However, if keepalive failed to stop for some reason, the
handleStopKeepalive was called mistakenly and trigger additional
callback that fail the test case.
This commit is the behavior change prior to state machine
refactoring, and introduce a stopping state for ignoring the
result in the stopping state.
Bug: 129512753
Bug: 123988249
Test: 1. atest com.android.server.ConnectivityServiceTest \
#testNattSocketKeepalives --generate-new-metrics 100
2. atest FrameworksNetTests
Change-Id: I4fa94e0740ba488fb5fe7ac7c3812c195dd0ec4c
The system server (in SystemServer.java) defines the boot
sequence, during which an event called SystemReady happens.
This corresponds to a time when critical system services
that are depended upon by other components in the system
server are ready to handle requests from their dependencies.
Some system services are listening to this event to defer
initializations that depend on the critical services.
Because the network stack is only started after SystemReady,
there is no way any NetworkMonitor may be started before
SystemReady. Remove the associated mechanism.
Fix: 129376083
Test: FrameworksNetTests
Change-Id: I071eeb10d0b7c4f71af6653d322c7b442b2cc7ee
NetworkMonitor obtained LinkProperties and NetworkCapabilities via
synchronous calls to ConnectivityManager after receiving an asynchronous
notification, which is prone to races: the network could be gone before
the LinkProperties/NetworkCapabilities can be fetched.
Fix the race by passing LinkProperties/NetworkCapabilities directly to
NetworkMonitor in the asynchronous notifications.
Test: atest FrameworksNetTests NetworkStackTests
Test: booted, WiFi works
Bug: 129375892
Change-Id: I200ac7ca6ff79590b11c9be705f650c92fd3cb63
* changes:
Move BatteryStats and StatsCompanionService to use NetworkStatsService.
NetworkStatsService: Fix getDetailedUidStats to take VPNs into account.
Take all VPN underlying networks into account when migrating traffic for VPN uid.
VPN uid.
Bug: 113122541
Bug: 120145746
Test: atest FrameworksNetTests
Test: Manually verified on device that stats from VPN UID are moved
appropriately based on its declared underlying network set.
Test: vogar --mode app_process --benchmark NetworkStatsBenchmark.java
Change-Id: I9d8d0cc58d18002c1c96f8ddff780ef8dc452d21
Currently, socketKeepalive implementation is accepting null fd
due to backward compatibility with legacy packet keepalive API.
However, due to lack of the fd, the service cannot guarantee the
port is not reused by another app if the caller release the port
for any reason.
Thus, grant the null fd access only for priviledged apps.
This commit also address some comments from aosp/918533.
Bug: 126699232
Test: atest FrameworksNetTests
Change-Id: I0baf582ff4ca8af6082c3754e8dfbcd867f39792
Currently, if the lower layer, e.g. wifi, didn't successfully
start keepalive by any reason. Due to the startedState changed
to NOT_STARTED first, the logic inside stop() will skip the
removing process and cause leak.
Thus, moving the changing of startedState to proper place first
to unblock subsequent changes first.
Bug: 123988249
Bug: 129371366
Test: atest FrameworksNetTests
Change-Id: I4bba01bacc80e1dac2023ef831b5ade5501894e4
For native services such as mediaserver and audioserver, the permission
information cannot be retrieved from getInstalledPackages. Instead, the
high level permission information is avalaible in systemConfigs. With
those permission information, netd can store the complete list of uids
that have UPDATE_DEVICE_STATS permission.
Bug: 128944261
Test: dumpsys netd trafficcontroller
Change-Id: I0331d5a3a5b927a351fcfe6689ef1ba2b993db0c
Change the INTERNET permission implementation so it only block socket
creation when non of the packages under the same uid have internet
permission. Fix the UPDATE_DEVICE_STATS permission so only the uid that
own the permission can change it.
Bug: 111560570
Test: CtsNetTestCasesUpdateStatsPermission
CtsNetTestCasesInternetPermission
Change-Id: I42385526c191d4429f486cde01293b27fcc1374b
Per API review, change the use of FileDescriptor to
ParcelFileDescriptor.
This change also fix nullability according to API review
feedbacks.
Fix: 126698610
Fix: 126699425
Fix: 126699232
Fix: 126700278
Test: 1. m -j
2. atest FrameworksNetTests --generate-new-metrics 50
3. m -j doc-comment-check-docs
Change-Id: I19476c50dd1ca290bf3f41973829da2bd229796a
Fill correct TOS/TTL value by fetching them from kernel with
getsockopt.
bug: 123967966
Test: -build, flash, boot
-atest FrameworksNetTests
Change-Id: I75b1be51040b4a381163958b4cddd27dbb22bac1
