Currently, even when VPN Lockdown mode is enabled, incoming packets are
not dropped if VPN is not connected.
This commit fixed this issue.
After this commit, If VPN Lockdown mode is enabled, incoming packets
are dropped regardless of the VPN connectivity.
Bug: 206482423
Test: atest TrafficControllerTest ConnectivityServiceTest PermissionMonitorTest
Change-Id: If52ece613c8aac1073355e43b6fb9cb3fcc87d1d
ConnectivityManager have a self reference static instance. This
causes a leak if context is refernce from a static variable. Using
the applicationContext, which will never be freed for the life of the
application, for the sInstance static instance.
Bug: 202978965
Test: atest ConnectivityManagerTest
Change-Id: I87206e1bfbb1f877b5a10f5fdbc25e2f9f11bef4
Split the updateXXX methods into an addXXX and removeXXX instead of using
a boolean parameter to indicate whether the uid should be added or removed
Bug: 218494748
Test: atest FrameworksNetTests
Change-Id: I868cf35c8f51b25d8719e618c6c48a5cd642da7f
swapActiveStatsMap is temporary added for the NetworkStatsFactory to
call BpfNetMaps#swapActiveStatsMap in tethering mainline module. Now
NetworkStatsFactory already be mainlined, calling BpfNetMaps#swapActiveStatsMap
directly.
Bug: 218494448
Test: atest ConnectivityCoverageTests
atest FrameworksNetTests
Change-Id: I3358e4ac5fb7ed0964273afdbccd1b4128ca7645
The API won't modify the passed NetworkCapabilities and
LinkProperties, but redactNetworkCapabilitiesForPackage and
redactLinkPropertiesForPackage sound like they will. To reduce
the confusion, rename the API with prefix "getRedacted".
Also modify the javadoc to describe more about what the API will
do if the given UID doesn't have location permission.
Bug: 220367512
Test: atest CtsNetTestCases
Change-Id: I964f1062da1ae96df9b369b911486da1379b8a19
Some system components like VPN need to know how to redact
NetworkCapabilities & LinkProperties that they received from
the system but need to send to third-party applications with
less privilege than themselves. To make sure the redaction is
consistent, expose system API methods to do it that are wired
to the same redaction code used by ConnectivityService.
Bug: 191413541
Test: atest CtsNetTestCases, which includes new CTS for these
Change-Id: Ia3ae4755b5192884c147d6828f96cedac000a25b
This CL should be reverted before T sdk finalized.
This API is temporary added for the NetworkStatsFactory which is platform
code but will be moved into connectivity (tethering) mainline module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I5894450f3089b2ea105722a18ddf8f1eed1c28a0
To deprecated firewallReplaceUidChain netd binder and move the
functionality to tethering (connectivity) mainline module, expose
replaceFirewallChain to support the caller outside the module.
Currently the API are still call to netd. Will replace with the
implementation inside tethering (connectivity) module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: If7a87548b0a3acda00a1455da4e4ff24a630ddc7
To deprecated firewallEnableChildChain netd binder and move the
functionality to tethering (connectivity) mainline module, expose
setFirewallChainEnabled to support the caller outside the module.
Currently the API are still call to netd. Will replace with the
implementation inside tethering (connectivity) module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I9b64c9d12260521489a87fbeae5afbee2a8ea8f6
To deprecated firewallSetUidRule netd binder and move the functionality to
tethering (connectivity) mainline module, expose updateFirewallRule to
support the caller outside the module. Currently the API are still call
to netd. Will replace with the implementation inside tethering
(connectivity) module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I0b53c999e06c2378afec0eb491815ec398c91b0b
Add a method to apply a set of network preferences to a user profile
Bug: 194332512
CTS-Coverage-Bug: 211133973
Test: CTS
Change-Id: I97730ea14e7c96922236fd77a591e5acadd875ba
To deprecated below netd binder interfaces and move the functionality to
tethering(connectivity) mainline module:
bandwidthAddNaughtyApp
bandwidthRemoveNaughtyApp
bandwidthAddNiceApp
bandwidthRemoveNiceApp
Expose updateMeteredNetwork{Allow, Deny}List APIs to support the caller
outside the module. Currently the two APIs are still call to INetd
binders. Once functionality is moved to mainline module, will switch to
use them.
Bug: 209935649
Test: m
Change-Id: I8df720935748c2587f91a7b760cfd5a93a0fa852
Connectivity's metalava invocation does not depend on framework-wifi,
so these references fail to resolve, and as a result metalava currently
removes the import.
Fully qualify the references instead, to avoid both metalava trying
to resolve the dependency, and having to depend on framework-wifi just
for javadoc.
Bug: 186197911
Test: build the sdk (with connectivity module stubs as input)
Change-Id: I7129821b9a0d08d06f8e977a3c17fa5f5f6f9cee
The registered listeners are added into internal ArrayMap as a
reference but are not removed when the listeners are
unregistered. The actions for registration should be done in
pairs.
Test: atest FrameworksNetTests
Change-Id: Id9e674f5104d1471dd81224b6a271a8a92172e34
The removeDefaultNetworkActiveListener should do the
unregisteration but it's incorrectly calling
registerNetworkActivityListener into the ConnectivityService.
Bug: 199753782
Test: atest FrameworksNetTests CtsNetTestCases
Change-Id: I65a2ddc82989d736316d51f5058e707f5b261a82
In order to make ConnectivityService the mainline module in ANDROID 12,
The earliest ConnectivityService API getActiveNetworkForUid was exposed.
But after that public api getActiveNetworkForUid and all callers
(Outside the module) has been deleted or replaced in android 12
version. So we should delete the public API in AOSP to keep the APIs
of Android 12 & AOSP consistent and also avoid using it again in AOSP.
The commit is equivalent to ag/14029494, but done in a different repo.
Bug: 183465229
Test: atest ConnectivityControllerTest
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Change-Id: I50a39d6391c88bbb914a63fdb17bae6851591c01
Core platform API stubs are now correctly included in module_current and
system_server_current, so workarounds used to use such APIs can be
removed.
OsCompat and InetAddressCompat were only necessary because manually
adding the stubs did not resolve the problem for classes that had
public API stubs, which shadowed the module API stubs.
The manual stubs dependency was already removed in another change. Also
remove the service jar dependency on android_system_server_stubs_current
as it is already included in sdk_version system_server_current.
Bug: 183097033
Test: atest CtsNetTestCases
Change-Id: Id448be03b679f832edb24f1b77f471227faf5268
ConnectivityManager.setAvoidUnvalidated only works if the
config_networkAvoidBadWifi configuration is set to 0 and the
NETWORK_AVOID_BAD_WIFI setting is unset. There is no easy way
for a testing app to temporary set a test value to verify the
behavior of the API. Thus, add a mechanism to allow test app
to set a period of time to temporary unstrict the resource
configuration, i.e. Temporary simulate config_networkAvoidBadWifi
configured to 0.
Bug: 186061922
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: If772078c61a9b12926f104d5dfc9c9071e844732
Many applications use ConnectivityManager without needing
TetheringManager (or without calling legacy ConnectivityManager methods
that delegate to TetheringManager), so initializing TetheringManager
when ConnectivityManager is created wastes resources.
This is especially true considering that TetheringManager is not trivial
to initialize (worst case scenario it starts a thread and does multiple
Binder requests), and ConnectivityManager is created in ActivityThread
when setting up the app proxy on startup.
Bug: 190556328
Test: atest FrameworksNetTests CtsNetTestCases TetheringTests
Change-Id: I2ba7b8f2b9e1c934cfb082776b8d643f2f2c17e5
The design is very simply expressed :
An offer is needed for a request if and only if that offer
might beat the satisfier for that request.
The implementation of "might beat" is NetworkRanker#mightBeat.
Test: FrameworksNetTests FrameworksWifiTests NetworkStackTests
Bug: 167544279
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I0fe911eef2483ecbac48c733d56283b81538690a
Change-Id: I0fe911eef2483ecbac48c733d56283b81538690a
(cherry-picked from 7b6a33bd50)
