Revert "Add new network quirk parcelable in the NetworkAttributes."
Revert submission 1323251-ipv6_prov_loss_quirk_parcelable
Reason for revert: Breaks CtsStrictJavaPackagesTestCases
Reverted Changes:
I18e05c09f:Add new network quirk parcelable in the NetworkAtt...
I8dbff2377:Test IPv6ProvisioningLossParcelable in the Network...
Change-Id: Ie906919b344131cd768fbed787248d3caac2f74d
This is a Client-only solution.
- Add to NetdClient a per-process std::atomic_boolean
similar to netIdForProcess and netIdForResolv.
- The boolean says whether the process should be
allowed Internet connectivity.
- Add an @hide method to NetUtils.java to set the boolean;
call it from the initialization code of the new
process just after forking from zygote.
- Make netdClientSocket and dnsOpenProxy check the
boolean. If the boolean is false, return EPERM from
socket calls.
Bug: 150028556
Test: atest NetworkUtilsTest
Test: atest CtsAppSecurityHostTestCases:UseProcessTest
(cherry-pick from internal branch, ag/11881939)
Merged-In: If002280fbad493dfc2db3d9d505c0257d49a9056
Change-Id: If002280fbad493dfc2db3d9d505c0257d49a9056
This is a Client-only solution.
- Add to NetdClient a per-process std::atomic_boolean
similar to netIdForProcess and netIdForResolv.
- The boolean says whether the process should be
allowed Internet connectivity.
- Add an @hide method to NetUtils.java to set the boolean;
call it from the initialization code of the new
process just after forking from zygote.
- Make netdClientSocket and dnsOpenProxy check the
boolean. If the boolean is false, return EPERM from
socket calls.
Bug: 150028556
Test: atest NetworkUtilsTest
Test: atest CtsAppSecurityHostTestCases:UseProcessTest
Change-Id: If002280fbad493dfc2db3d9d505c0257d49a9056
Exempt-From-Owner-Approval: OWNERS already approved identical patchset 5
This commit adds support for validating and filtering IPsec algorithms.
Without a public API exposing IKEv2 algorithms (and their respective
public APIs), the allowedAlgorithms can only filter the proposals for
IPsec (Child) SA algorithms.
Additionally, this removes the HMAC_SHA1 from the IKE SA's integrity
algorithm proposals due to insecurity
Bug: 153701879
Test: FrameworksNetTests passing, new tests added
Change-Id: I7e61a1612692db275b751330af5bacbf86836a8c
Merged-In: I7e61a1612692db275b751330af5bacbf86836a8c
(cherry picked from commit 94e1c08a9ad4b0ff17e0f3a77fff0d3364040ba5)
TelephonyNetworkSpecifier will now treat null as matching nothing. When
the request specifies a TelephonyNetworkSpecifier while the network does
not, this should not be treated as a match.
Bug: 154703135
Test: atest android.net.TelephonyNetworkSpecifierTest
Change-Id: I329110e929995c9eae6c6ce33b5414777acea1e1
This commit adds support for validating and filtering IPsec algorithms.
Without a public API exposing IKEv2 algorithms (and their respective
public APIs), the allowedAlgorithms can only filter the proposals for
IPsec (Child) SA algorithms.
Additionally, this removes the HMAC_SHA1 from the IKE SA's integrity
algorithm proposals due to insecurity
Bug: 153701879
Test: FrameworksNetTests passing, new tests added
Change-Id: I7e61a1612692db275b751330af5bacbf86836a8c
Commit has to on top of aosp/1281921 to skip whole test in Q
device since CaptivePortalData class is introduced in R.
Result in Q will be:
[1/1] android.net.CaptivePortalDataTest#skippedClassForDevSdkMismatch: IGNORED
Bug: 152280218
Bug: 150640683
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest on
both Q and R device
Merged-In: Iddd00e1c85abe767b1a41a1761d3266ba322dba6
Change-Id: Iddd00e1c85abe767b1a41a1761d3266ba322dba6
Commit has to on top of aosp/1281921 to skip whole test in Q
device since CaptivePortalData class is introduced in R.
Result in Q will be:
[1/1] android.net.CaptivePortalDataTest#skippedClassForDevSdkMismatch: IGNORED
Bug: 152280218
Bug: 150640683
Test: atest CtsNetTestCasesLatestSdk:CaptivePortalDataTest on
both Q and R device
Change-Id: Iddd00e1c85abe767b1a41a1761d3266ba322dba6
In current design, entries with zeros are preserved after
addition/subtraction. These entries are not very useful
and lead to difficulty of verifying the result of
addition/subtraction.
However, change the behavior in the original NetworkStats
is considered risky in current stage.
Thus, this change provide a function that could remove these
empty entries in tests.
Test: atest FrameworksNetTests
Bug: 152827872
Bug: 150644692
Change-Id: I40a76935d55712b8083ee1e17e137a8a4ef5e029
Merged-In: I40a76935d55712b8083ee1e17e137a8a4ef5e029
(cherry picked from commit 6c7bef3064dbe949b7b213036b8e70c125ddd343)
In current design, entries with zeros are preserved after
addition/subtraction. These entries are not very useful
and lead to difficulty of verifying the result of
addition/subtraction.
However, change the behavior in the original NetworkStats
is considered risky in current stage.
Thus, this change provide a function that could remove these
empty entries in tests.
Test: atest FrameworksNetTests
Bug: 152827872
Bug: 150644692
Change-Id: I40a76935d55712b8083ee1e17e137a8a4ef5e029
- InvalidPacketException, public field should be a method so
add getter to get error code.
- KeepalivePacketData, public fields should be methods so
add getter for fields.
Bug: 151322799
Test: atest FrameworksNetTests
atest FrameworksWifiTests
atest FrameworksTelephonyTests: some failure in CarrierAppUtilsTest
Copy from ag/10731108
Change-Id: Id01e6135193716cc21bba11da529bf1507a954f7
Merged-In: Id01e6135193716cc21bba11da529bf1507a954f7
- InvalidPacketException, public field should be a method so
add getter to get error code.
- KeepalivePacketData, public fields should be methods so
add getter for fields.
Bug: 151322799
Test: atest FrameworksNetTests
atest FrameworksWifiTests
atest FrameworksTelephonyTests: some failure in CarrierAppUtilsTest
Change-Id: Id01e6135193716cc21bba11da529bf1507a954f7
* changes:
[SP25] Rename functions that add Entry conditionally
[SP24] Rename functions that add Entry unconditionally
[SP23] Address misc API review comment about NetworkStats
[SP21] Address comments for API council review about aosp/1172143
[SP20] Check signature permission when accessing network stats provider
API Council feedback suggests renaming ConnectivityDiagnosticsCallback
'onConnectivityReport' function to be 'onConnectivityReportAvailable'.
Bug: 150598997
Test: atest FrameworksNetTests
Change-Id: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
Merged-In: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record unconditionally,
name them insertEntry.
setIfaceValues -> insertEntry
addEntry -> insertEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Test: m doc-comment-check-docs
Bug: 148895143
Change-Id: I801ddc49e283a254b9586700c9b597c0adb0d459
Merged-In: I801ddc49e283a254b9586700c9b597c0adb0d459
(cherry picked from aosp/1256352)
API Council feedback suggests renaming ConnectivityDiagnosticsCallback
'onConnectivityReport' function to be 'onConnectivityReportAvailable'.
Bug: 150598997
Test: atest FrameworksNetTests
Change-Id: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
(cherry picked from commit 324b224cc48fcb12125bd1727be70ad2effbfce3)
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record unconditionally,
name them insertEntry.
setIfaceValues -> insertEntry
addEntry -> insertEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Test: m doc-comment-check-docs
Bug: 148895143
Change-Id: I801ddc49e283a254b9586700c9b597c0adb0d459
Use the new ModuleNetworkStackClient to retrieve instances IpMemoryStore
& IpClient.
Bug: 145825329
Test: Compiles
Change-Id: I065525fdbd64b9509ef0f47bb35954d267c65fd2
Merged-In: I065525fdbd64b9509ef0f47bb35954d267c65fd2
Use the new ModuleNetworkStackClient to retrieve instances IpMemoryStore
& IpClient.
Bug: 145825329
Test: Compiles
Change-Id: I065525fdbd64b9509ef0f47bb35954d267c65fd2
Add srcs to framework and change import path.
Remove the codes which are moved to frameworks/libs/net.
Bug: 139268426
Bug: 135998869
Bug: 138306002
Bug: 143925787
Test: atest FrameworksNetTests
atest FrameworksTelephonyTests
./frameworks/opt/net/wifi/tests/wifitests/runtests.sh
Change-Id: Ia5692aade490fbc8a037186fcdfc453e0dd8045b
Merged-In: Ibf2f370c97a602f186e37ea9ffbe177dd2ee0f1c
Add the requestorUid & requestorPackageName fields to
NetworkCapabilities. This is populated by CS when
a new network request is received.
These 2 requestor fields are also optionally used for network
matching. All of the regular app initiated requests will have the
requestor uid and package name set by connectivity service. Network
agents can optionally set the requestorUid and requestorPackageName
to restrict the network created only to the app that requested the network.
This will help removing the necessity for the various specifiers to embed
the uid & package name info in the specifier for network matching.
Note: NetworkSpecifier.assertValidFromUid() is deprecated & removed in
favor of setting the uid/package name on the agent to restrict the
network to a certain app (useful for wifi peer to peer API & wifi aware).
Bug: 144102365
Test: Verified that wifi network request related CTS verifier tests
pass.
Test: Device boots up and connects to wifi networks
Merged-In: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
Change-Id: I58775e82aa7725aac5aa27ca9d2b5ee8f0be4242
This commit allows the startLegacyVpn() call to start Platform VPN
profiles, allowing Settings to use the IKEv2/IPsec VPN options
When using an aliased private key, the
Ikev2VpnProfile.KEYSTORE_ALIAS_PREFIX must be prepended to the front of
the alias. This will in turn result in the fromVpnProfile() function to
pull the key from the KeyStore, as opposed to the inline-key that the
VpnManager API uses.
Bug: 148991741
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested
Change-Id: Icbca695c353b2e12e99305676404dbf1a4495949
