When the user selects "Do not use this network" in the captive portal
app, it indicates that the user does not want to log in and does not
want to use the network. Thus, the network should be disconnected.
Internally handle the network disconnect in ConnectivityService upon
receiving a captive portal app response of APP_RETURN_UNWANTED.
Test: atest ConnectivityServiceTest
Change-Id: I789ddb663b533a71a77ed435fa91b0c20d3bbfd4
Currently 5G usage includes both metered and unmetered usage.
To support 5G unmetered usage metrics, unmetered usage should
be separated from the 5G usage. Thus, ConnectivityService needs
to inform NetworkStatsService if TEMPORARILY_NOT_METERED has
changed. Then NSS will count temporarily not metered usage as
unmetered.
Bug: 222339311
Bug: 183776809
Test: FrameworksNetTests:ConnectivityServiceTest
Change-Id: I0c7e1eb98925184f36e322e09b4d3d8c6f056fa6
Some callers (e.g. iwlan) need to learn about system default
network but they cannot have NETWORK_SETTINGS permission.
To allow them to use this API but prevent from misuse by
unprivileged apps, enforce USE_RESTRICTED_NETWORKS for this API.
Test: atest com.android.server.ConnectivityServiceTest#testRegisterPrivilegedDefaultCallbacksRequireNetworkSettings android.net.cts.ConnectivityManagerTest#testRegisterNetworkCallback
Fix: 242456635
Change-Id: I80ab27445af874328c9c0f4814a8fbf035ae5df4
In ConnectivityService, updateLinkProperties calls NetworkStats
even though the ip address or interface name has not changed and
only the tcp buffer size has changed. This is noisy and could
be problematic when RAT change occurs frequently, since when
RAT changes tcp buffer size configuration also changes.
This CL also fixes a wrong nullability annotation where the oldLp
of updateLinkProperties could be null when updateNetworkInfo
is called.
Test: atest ConnectivityServiceTest#testStatsIfacesChanged
Fix: 232048480
Change-Id: Ic226eb4a8aa1f38cba293510813f1cb55f0ea658
shouldIgnoreValidationFailureAfterRoam will incorrectly return
true in the first few seconds after boot even if the network
never roamed. This is extremely unlikely to happen, but add a
check for that just in case.
Fix: 230450214
Test: new unit test
Change-Id: I0789d9bdaa0bd9e78673e8f4248a2ca610052f1e
This will be useful for diagnosing default network changes.
Logs may look like, for example :
Update capabilities for net 100 : -NET_CAPABILITY_OEM_PAID+NET_CAPABILITY_TRUSTED
Or :
Update score for net 100 : -POLICY_EVER_EVALUATED+POLICY_IS_VPN+POLICY_IS_DESTROYED
Test: FrameworksNetTests
manual
Change-Id: Ic4788c599573aae9daeca995b8853800aaaba0b8
Also remove the dump of mPrivilegedUser because this is not used now and
the information is duplicated with uidPermissionMap dump.
Before this CL
....
mUidPermissionMap:
10049 PERMISSION_NONE
10027 BPF_PERMISSION_INTERNET BPF_PERMISSION_UPDATE_DEVICE_STATS
1041 BPF_PERMISSION_UPDATE_DEVICE_STATS
....
After this CL
....
sUidPermissionMap:
10049 PERMISSION_NONE
10027 PERMISSION_INTERNET PERMISSION_UPDATE_DEVICE_STATS
1041 PERMISSION_UPDATE_DEVICE_STATS
....
Bug: 217624062
Test: dumpsys connectivity trafficcontroller, atest BpfNetMapsTest
Change-Id: I416501d5a28a5443f954f9c8c58ea255e5cdc897
Test: FrameworksNetTests
adb shell device_config put connectivity actively_prefer_bad_wifi
+ check that dumpsys updates
Test: at this patchset tests fail with :
Permission denial: reading from settings requires:android.permission.READ_DEVICE_CONFIG
Change-Id: Icfe1e64b8313921ff1dc8e4cbd45f967692e1c4a
This is necessary so that MultinetworkPolicyTracker can see
DeviceConfig. It will also allow removing reflection from
this file to address a long-standing TODO.
Test: build
Change-Id: I968bf67e0e0189b01515242371599c02bc9e2ca2
With this patch and "config_activelyPreferBadWifi=1"
(or SDK level >= U) and bad wifi avoidance turned off,
when the device connects to a bad wifi, after 20
seconds of the wifi not validating the device will
pop up a head-up notification with text
"<SSID> has no internet access".
When tapped, the notification will bring up the existing
Settings dialog :
*Wifi not connected to the internet*
You can switch to mobile whenever Wi-Fi is bad
□ Never show again
<Stay on Wi-Fi> <Switch to Mobile>
If the wifi validates and loses access again, the same
notification/dialog are shown if Settings.Global.
NETWORK_AVOID_BAD_WIFI=PROMPT ; if IGNORE, the device
stays stuck on wifi.
If AVOID, then bad wifi avoidance is turned on in the
first place, so none of this happens.
Behavior in other cases :
- If config_activelyPreferBadWifi=0, then upon connecting
to a wifi without internet, the behavior is unchanged :
the device stays on mobile and after 8 seconds a
notification pops up asking whether to stay connected.
If the network validates, then loses access, the behavior
depends on a few things :
- If config_networkAvoidBadWifi is 0 and Settings.Global.
NETWORK_AVOID_BAD_WIFI = IGNORE, then the device stays
on wifi and says nothing.
- If config_networkAvoidBadWifi is 0 and Settings.Global.
NETWORK_AVOID_BAD_WIFI = PROMPT, then
notification pops up asking whether to switch to mobile.
- If config_networkAvoidBadWifi is 1 (regardless of the
value of Settings.Global.NETWORK_AVOID_BAD_WIFI), or if
Settings.Global.NETWORK_AVOID_BAD_WIFI = AVOID, then
the device switches back to mobile.
- If Mobile is not connected, all the above applies. This
is not great for the messages including "switch to mobile"
but this patch doesn't change it.
Test: manual
Change-Id: Idb05b6a6e5c085f5ef72435d462e14bfd1341f87
If a notification is up and the avoid bad wifi setting
is turned off, the notification should disappear.
This patch also adds some general tests for the bad wifi
notifications.
Test: new tests in this patch
Change-Id: I5bc42afbe0efd93cfb59a759bf0aaba49a4bfc9f
In the previous code, ConnectivityService would mark a network
a captive portal when NetworkMonitor sends it a message to notify
the user for it. Theoretically, this is incorrect ; instead, the
marking should be done upon receiving the message that the network
was tested to be a captive portal.
In practice this hasn't been a problem so far. The captive portal
capability is observable in the app-received callbacks, but for
these purposes the old code and the new code behave the same, in
that in the callbacks, the network used to not have the portal
capability, then later it acquires it.
However, this is only not a problem as long as the captive portal
bit isn't used by network selection, which an upcoming change has
to implement for the "prefer bad wifi" feature. When that is the
case, network selection prefers the wrong result between the time
the network is marked as having been evaluated and the time the
network has been marked a captive portal. It should be marked as
both at the same time to avoid this discrepancy. This is what
this patch is accomplishing.
To do this correctly, this patch also has to disconnect the network
immediately upon it being tested as a captive portal if the old
CAPTIVE_PORTAL_MODE setting is set to CAPTIVE_PORTAL_MODE_AVOID,
instead of keeping it until NM sends the message to notify about
it.
Unfortunately because of the relative timing of the events this
patch has observable impact on what callbacks are sent because of
b/245893397 (the DoubleValidated bug). Before this patch, there
would be an extra useless callback when a captive portal validates
where the capabilities contain both VALIDATED and CAPTIVE_PORTAL,
then a second callback removing CAPTIVE_PORTAL. This patch fixes
this, but unfortunately introduces a symmetrical extra useless
callback when a captive portal network starts matching a callback,
where onCapabilitiesChanged is fired a second time after the
onAvailable sequence with the same capabilities. Fixing this is
very complex ; the best (and simplest) solution is really to
address b/245893397 decisively.
In the mean time, the behavior implemented by this patch is better
than the old one, because there no longer is an observable state
where the network is supposed to be a closed captive portal AND
validated, but instead there is a useless, but correct, caps
callback that mirrors exactly the one from b/245893397. When
b/245893397 is addressed this behavior goes away at the same time,
so this is probably the better behavior.
Test: FrameworksNetTests CtsNetTestCases
Change-Id: I6694db498507860e1d711e2aa0c591dfbfa90be2
This patch removes the 8-second unvalidated prompt timer
and replaces it with a 20-second timer that does the
same thing in addition to signalling the stack that the
concerned network has now undergone evaluation once.
Test: FrameworksNetTests
Change-Id: I806f2bdfbf35243fa7cdb1cd1f0a5d549cfcd9c8
These timestamps will be useful for debugging issues where
debuggers need to know what happened to long-lived networks,
where logcat doesn't span long enough.
These timestamps are also likely to be useful in the future,
in particular for metrics.
Test: FrameworksNetTests
Change-Id: I8f46ce92e2ab301fa32e18e714a43a4130719199
Currently, CS would receive user added/removed intents and notify
PermissionMonitor by onUser[Added|Removed] methods.
If PermissionMonitor can receive those intents itself, it can
process the change more quickly. Moreover, these two methods do
not need to be public. Thus, receive the intents from
PermissionMonitor and make these two methods as package private.
Bug: 232048835
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I744cfbf5035badc6a0ba1764c5e6b93a56dfa93b
Currently, NetworkAgentInfo#satisfies determines whether a
network exists (and should satisfy requests) based on
|created|, not |everConnected|. This is theoretically incorrect
because networks in CONNECTING state or similar must never
satisfy requests or call callbacks.
This cannot happen for requests. New requests are only added to
networks by NetworkAgentInfo#addRequest, which is only called by
computeNetworkReassignment via updateSatisfiersForRematchRequest,
which skips any network with everConnected = false. It can
potentially happen to listens though.
Also, this cannot ever happen for physical networks, because for
physical networks, created is set at the same time as
everConnected, the first time they enter CONNECTED state.
In theory, this can happen for VPNs since ag/988402 , which
changed the code to create VPN networks as soon as they enter
CONNECTING state. That CL added the everConnected boolean to
NetworkAgentInfo but did not update the satisfies and
satisfiesImmutableCapabilitiesOf checks to use everConnected.
In practice, even for VPNs this is very unlikely, since VPNs
advance from CONNECTING to CONNECTED essentially immediately.
Even if they didn't, sending callbacks before they enter
CONNECTED state would be incorrect because the app receiving
the callback would have no way of knowing that the network is
actually not yet connected.
With this change, some checks for everConnected become spurious,
because a network with everConnected=false cannot satisfy either
requests or listens. Remove these checks.
Test: extensively tested by existing ConnectivityServiceTest
Change-Id: I024bb2b85bc57228d53e69a7707c7ce7ac756259
This reverts commit daf5cb64cc.
Reason for revert: dumpstate has the same information
Bug: 243313712
Change-Id: Ie8283cd942bff6ef9dbb66e5926bf650bd56997f
This is a no-op refactoring which uses common PerUidCounter
from the static library and delete the private implementation
inside ConnectivityService. This refactoring includes:
1. Make a private implementation that inherite PerUidCounter
to convert and rethrow exception to maintain backward
compatibility.
2. Adjust per-uid max limit argument in the counter constructor
since the private implementation is already buggy.
3. Use the getter in PerUidCounter for the existing tests.
Test: testNetworkCallbackMaximum
testProfileNetworkPrefCountsRequestsCorrectlyOnSet
testRequestCountLimits
Bug: 235771502
Change-Id: I5c49edab18774acf819828201041c9931fabccc4
Follow up from aosp/1781202 and aosp/1821293, creating nris
before removing old nris had been proven not necessary for
per-app API flow. Hence, the per-uid counter hack for system
uid that allows counter temporary go over limit does not
actually be used in the production code.
In other words, this CL is a no-op refactoring.
Test: testRequestCountLimits
Bug: 235771502
Change-Id: I8f71c6e4506fbec60cb503731aee64ab022b4634
