To prevent ProxyInfo calling hidden API, use public one -
Parcel#createStringArray() instead.
Bug: 170598012
Test: atest FrameworksNetTests
Change-Id: I1a5376872d743e1863982bb95d579aeba7159d33
It's the preparation for the incoming ConnectivityService
mainline. The mainline modules can not access hidden APIs.
Thus, the hidden APIs usage should be removed.
The getFileDescriptor$() in Socket or DatagramSocket is
hidden for internal usage. It should be used in a module and
not prefer to expose as an API. Thus, replace it with
ParcelFileDescriptor APIs to get the fd via
ParcelFileDescriptor.
Bug: 170598012
Test: atest FrameworksNetTests
Change-Id: I05b31a48315e7e6d95e22123103e544a7136a449
To prevent mainline module related file to access a hidden API,
check whether the NetworkSpecifier is an instance of
MatchAllNetworkSpecifier by itself.
Bug: 172183305
Test: atest FrameworksNetTests
Change-Id: I4d49cb70ff3c8a7e1ffa32e38207c74a6375e51a
As a preparation of exposing system API. This patch does some
harmless refactoring, which includes:
1. Move VpnInfo to android.net
2. Add nullability annotations
3. Make members final
Bug: 174123988
Test: TH
Change-Id: I1530bb45d0e84c28c6deac33596bc686058afc0d
ConnectivityService is going to become a mainline module which
can not access the hidden APIs. The int descriptor of a
FileDescriptor is hidden for internal use only. The Network and
NetworkUtls will be parts of CS module. The corresponding usage
should be removed. There is no way in a module to access the
descriptor, so update the jni to set a FileDescriptor to native
to get the int descriptor inside the platform.
Also, update the other references in android_net_NetUtils for
getting fd to use the NDK functions in the libnativehelper.
Bug: 170598012
Test: atest FrameworksNetTests CtsNetTestCasesLatestSdk
Test: manually connect to a VPN
Change-Id: I2143c079feac53917a6e7bf7422f3180f51437fb
* The match method is only for local address and port since we have
no other use case.
Bug: 155176305
Test: Added new test
Change-Id: I7b45f9912af6a192fc60606f5e0b4cc479aea93f
The API surface is planned to move to the Connectivity module, meaning
that it will be maintained across multiple Android releases.
This is incompatible with TestApi semantics, which are designed to be
removable across releases. Effectively the APIs become SystemApi, so
mark them as such considering that TestApi is not supported by modules.
Remove the NetworkCapabilities.getCapabilities test API that is not
essential for tests, and mark other APIs as module API.
Test: m
Bug: 174436414
Change-Id: Ic04551a9874b3d756cf5e6c77ceabfc7c85d52a6
* Provide App Developers Qos related info associated to
a bound socket through ConnectivityManager
* Qos sessions are generated and filtered by Network Agents
and sent back through the Connectivity Service to the
API consumer.
* The structure of the code within com.android.server
is designed to support different types of filters in the
the future.
* The first type of Qos Attributes are related to EPS
Bearers in order support RCS.
Bug: 155176305
Test: Added to cts/NetworkAgentTest
Test: Added to ConnectivityServiceTest
Change-Id: I145dd065d9deeee449eb9695ab3f6c8556ee7c09
The bundle is no longer necessary, as this message is not sent across
processes: the network list can be sent directly in the message obj
pair.
Bug: 173574274
Test: atest FrameworksNetTests CtsNetTestCasesLatestSdk
Change-Id: Iae049a24212ff9df19b29aead20bf4a594f05f99
Using FileDescriptor in the aidl will refer to
Parcel.readRawFileDescriptor() and Parcel.writeRawFileDescriptor()
whilie trying to do parcel operations. Those two APIs are hidden
and not accessible for the incoming ConnectivityService mainline
module. For such use cases in a module, it should be replaced by
using ParcelFileDescriptor that is designed for such usages.
Bug: 170598012
Test: atest FrameworksNetTests CtsNetTestCasesLatestSdk
Change-Id: Ia7e3a71ccb4b136cc55c9e90a384870c32cfd37b
The API surface is planned to move to the Connectivity module, meaning
that it will be maintained across multiple Android releases.
This is incompatible with TestApi semantics, which are designed to be
removable across releases. Effectively the APIs become System/module
API, so mark them as such considering that TestApi is not supported by
modules.
Test: m
Bug: 174436414
Change-Id: Icd32fcbb65e9a4bb2b67cb9da7c971281be0781a
MultinetworkPolicyTracker is part of Connectivity mainline module
which cannot call @hide API Context#registerReceiverAsUser. Thus,
replace it to Context#registerReceiverForAllUsers.
Bug: 170634463
Test: atest FrameworksNetTests
Test: Manully check that receiving intent and unregistering
receiver can work normally.
Change-Id: Ie22a3aa40bc9243082672a64dba7c7940f9ff21a
This will be mainly used by VCN management service which will
need to hold the networks but preserve the backgrounded-ness
of the networks.
Test: android.net.ConnectivityManagerTest#testRequestType
Test: android.net.cts.ConnectivityManagerTest#testRequestBackgroundNetwork /
--rerun-until-failure 100
Test: ConnectivityServiceTest#testBackgroundNetworks
Test: m -j doc-comment-check-docs
Bug: 175662146
Change-Id: If9aaa87b7e71c2b695ac7b08858850e975b28bb6
If IOException happens while trying to start keepalives sockets,
an invalid fd will be constructed. It will fail with
ERROR_INVALID_SOCKET if the user later calls start(). Current
design to construct the invalid fd use the hidden
ParcelFileDescriptor constructor which will not work for the
incoming ConnectivityService mainline. Thus, replace it with
the other formal API.
Bug: 170598012
Test: atest FrameworksNetTests
Change-Id: I57fd7ec2281c5e8c75481200bbde723ecf96982a
Connectivity mainline module cannot use hidden API so
replace Slog with Log which is a public API.
Test: FrameworksNetTests
Change-Id: I8758079cf635ff4ab218df53c0f7bf6fc23ce476
Generally, a manager class in Android is used to access
system services and it should be obtained from Context.
This class is a bit different from the definition of a
manager class.
API linter will detect an error if trying to expose a
class name end with Manager. ProxyTracker will create a
new instance of this class so this class needs to be
renamed to avoid API lint error.
Bug: 177035719
Test: FrameworksNetTests
Change-Id: I9185d4fb4342bd285a575f0bdd3518b758f37eb6
Add new capability to indicate whether a network is
managed by Virtual Carrier Network (VCN). This is needed
to identify networks between VCN managed network and
others. And this capability will be:
1. mutable
2. requestable
3. set by default for network agents and requests
4. allowed for test networks
Test: 1. atest FrameworksNetTests CtsNetTestCases
2. adb shell dumpsys connectivity
3. atest ConnectivityServiceTest#testLoseMutableAndRequestableCaps
Bug: 175662146
Change-Id: Ia5eeb3912a687164fa95d7ba5516fd73abca79ba
Changes:
i) Add a new constructor for NetworkCapabilities which accepts whether
location sensitive fields need to be parceled or not. Defalts to false
on the other constructor. This boolean should only be set on the copy of
NetworkCapabilities when sent to apps that hold location permission.
(Similar to how sensitive fields are handled in LinkProperties)
ii) Add a new makeCopy() method in the TransportInfo interface which
accepts whether location sensitive fields need to be parceled or not.
iii) Migrate the existing NetworkCapabilities owner UID masking to use
this new mechanism (instead of existing masking in ConnectivityService).
iv) Always set parcelLocationSensitiveFields to true in the NetworkAgent
surface (since that is a privileged surface from the transports to the
connectivity service)
v) Add a hasSensitiveFields() in TransportInfo interface to avoid
perfoming location permission checks for location insensitive
TrasnsportInfo.
Also, migrate to the new SdkLevel util for isAtLeastR() & isAtLeastS()
checks.
Bug: 162602799
Test: atest android.net
Test: atest com.android.server
Change-Id: Ie522d8c75a82ae521ccfd5165823d0c72642e651
Merged-In: Ie522d8c75a82ae521ccfd5165823d0c72642e651
Currently, ConnectivityService decides the request type by
whether NetworkCapabilities is null when handling request
network. However, to fulfill the need of firing background
request via ConnectivityManager in the follow-up patches,
the request type is needed to pass into ConnectivityService.
This change also make ConnectivityService utilizes the passed
request type.
Test: atest ConnectivityManagerTest#testRequestType
Bug: 175662146
Change-Id: I3bc172bca1217c8020db45057a621d0745d43b3c
Extend CaptivePortalData with a member to hold the venue friendly
name. If CaptivePortalData is initialized by both the network
agent and Capport, merge the two objects to include the venue
friendly name and prioritize the venue URL from the network
agent.
Bug: 162783305
Test: atest ConnectivityServiceTest
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest
Test: End-to-end test
Change-Id: I4fdf356be42237c5b6c0ae5bacfd3cec4726861b
This reverts commit a37dda6024.
Reason for revert: After discussion, we prefer to add a field in NetworkCapabilities instead. Sorry for inconvenience.
Change-Id: I2e8840a797df9d1594f2b8b576bcd45beb184fca
Currently, when an always-on VPN is set in lockdown mode, Vpn
configures prohibit UID rules in netd directly and does not
inform ConnectivityService of the fact.
This means that ConnectivityService cannot send NetworkCallbacks
that tells apps that they are blocked or unblocked. It also means
that ConnectivityService has to take the mVpns lock and call into
Vpn to allow synchronous APIs such as getActiveNetwork to return
BLOCKED if the app is blocked.
Move all this to ConnectivityService:
- Add a setRequireVpnForUids API to ConnectivityManager, and have
that pass the routing rules to netd.
- Update VpnTest to expect calls to ConnectivityManager instead
of to netd.
- Whenever setRequireVpnForUids is called, ensure that
ConnectivityService sends onBlockedStatusChanged to the
affected callbacks.
- Update existing unit tests to check for callbacks.
- Add a way to find the VPN that applies to a given UID without
taking the VPN lock, by instead scanning all connected VPNs.
Use this as a replacement for direct access to mVpns.
For simplicity, and in order to ensure proper ordering between
the NetworkCallbacks sent for VPNs connecting and disconnecting,
process blocked UID ranges on the handler thread. This means that
when setRequireVpnForUids returns, the rule changes might not
have been applied. This shouldn't impact apps using network
connectivity, but it might mean that apps setting an always-on
package, and then immediately checking whether networking is
blocked, will see a behaviour change.
Bug: 173331190
Fix: 175670887
Test: new test coverage in ConnectivityServiceTest
Test: atest MixedDeviceOwnerTest#testAlwaysOnVpn \
MixedDeviceOwnerTest#testAlwaysOnVpnLockDown \
MixedDeviceOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedDeviceOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedDeviceOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedDeviceOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedDeviceOwnerTest#testAlwaysOnVpnPackageLogged \
MixedProfileOwnerTest#testAlwaysOnVpn \
MixedProfileOwnerTest#testAlwaysOnVpnLockDown \
MixedProfileOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedProfileOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedProfileOwnerTest#testAlwaysOnVpnPackageLogged \
MixedManagedProfileOwnerTest#testAlwaysOnVpn \
MixedManagedProfileOwnerTest#testAlwaysOnVpnLockDown \
MixedManagedProfileOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedManagedProfileOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedManagedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedManagedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedManagedProfileOwnerTest#testAlwaysOnVpnPackageLogged
Test: atest FrameworksNetTests HostsideVpnTests \
CtsNetTestCases:VpnServiceTest \
CtsNetTestCases:Ikev2VpnTest
Change-Id: Iaca8a7cc343aef52706cff62a7735f338cb1b772
In order to support ConnectivityService mainline, module should
not use hidden APIs. The logic to get mobile provision is moved
to telephony surface since it's only used by telephony.
Hence, remove the design out from Connectivity.
Bug: 175177794
Test: atest FrameworksNetTests
Change-Id: Ic3082fc1c4d7ac998f4e4cff1351e6829d500924
Currently, LingerTimer takes a NetworkRequest for internal use.
However, this is unnecessary since only request Id is used.
Thus, this patch allows subsequent patches to remove the need
of a NetworkRequest when creating a LingerTimer. And the output
of lingered requests is reduced to id instead of printing
content of requests.
Test: atest FrameworksNetTests
Bug: 175180558
Change-Id: I9106d0804f1083942e1fcaca842f547c0aee1840
The wifi (mainline module) need to set the subscriberId for specific
wifi network.
Bug: 176396812
Test: TreeHugger
Change-Id: Ie97d3dad81c87d41a360558e91c83278595ff475
