Added not_metered capability to a mobile network if none
of its associated APN types are metered. Also used not_metered
capability to determine if a network should be accounted for
data usage or not instead of using network type, which is
always MOBILE after refactoring. Will add VT usage support
in next phase.
bug: 20888836
Change-Id: Id692cb856be9a47d0e918371112630128965b1bb
Granular per-UID network statistics can be used to infer user
behavior over time, so they fall under the umbrella of the
PACKAGE_USAGE_STATS permission.
Since we can't check app-ops based permissions in the kernel, the
best we can do is redirect users to the NetworkStatsManager class,
which offers a much more robust historical data set.
Bug: 27577101
Change-Id: I696bdc5e0b3d7e24acf35f388d0ab13617ed8af3
Apps making calls into the system server may end up persisting
internal state or making security decisions based on the perceived
success or failure of a call, or the default values returned.
The reality is that if the system process just died, init will be
along shortly to kill all running apps, so we should have no problem
rethrowing the RemoteException as a RuntimeException.
Bug: 27364859
Change-Id: Ife0bcb079636c88d54c44d17eb580409fd79028b
Similar to first patch, but now using new "rethrowFromSystemServer()"
method which internally translates DeadObjectException into
DeadSystemException. New logic over in Log.printlns() now
suppresses the DeadSystemException stack traces, since they're
misleading and just added pressure to the precious log buffer space.
Add some extra RuntimeInit checks to suppress logging-about-logging
when the system server is dead.
Bug: 27364859
Change-Id: I05316b3e8e42416b30a56a76c09cd3113a018123
NetworkStatsService will register data usage requests
and keep data usage stats scoped to the request.
There are different types of data usage requests
- scoped to a set of NetworkTemplate; these are restrictred to
device owners and carrier apps and allow the caller to monitor
all activity on the specified interfaces.
- scoped to all uids visible to the user, if the user has
android.Manifest.permission#PACKAGE_USAGE_STATS permission.
The set of uids may change over time, so we keep track of that.
- scoped to a set of uids given by the caller, granted that
the caller has access to those uids.
- scoped to the caller's own data usage. This doesn't require
PACKAGE_USAGE_STATS.
Bug: 25812785
Change-Id: Ie11f35fc1f29d0dbe82f7fc924b169bb55c76708
Allow holders of android.Manifest.permission#PACKAGE_USAGE_STATS
to be notified when data usage has exceeded a given threshold.
This allows an app to update its data usage metrics without
polling.
Bug: 25812785
Change-Id: I3a4904a97f3c7fbaf8071b460f9ee6ca9c1ba4ed
Network tags could be set since ICS but was not exposed
through the SDK. This CL extends existing functionality
of NetworkStatsManager to return network tags.
Bug: 25813338
Change-Id: I414b98193249ba88a3f2d64cb2e0d2633f64fa3f
Apps with PACKAGE_USAGE_STATS app op or READ_NETWORK_USAGE_HISTORY
granted can query the summarized device data usage (but not individual
uids running in other users or profiles).
Bug:26677052
Change-Id: Id51631638f338a8cf48172c9b41746228a335084
Whether a network is deemed roaming or not was already being tracked
as part of the NetworkIdentitySet, so the underlying data store
already tracks roaming and native data separately. However, this data
was being aggregated together in NetworkStatsCollection#getSummary,
since the NetworkIdentitySet is converted to an iface name for the
purposes of matching, and the iface name will be identical whether or
not the iface is considered roaming. Now it is separated.
Also fixes a long-standing bug in NetworkIdentitySet where an identity
read from a saved file would always be considered roaming == false,
even if it wasn't at the time it was written.
Bug: 25813438
Change-Id: I11ab5b51182ed8da7af8fde468df065f9fdc3dad
These are analagous to the state buckets for tracking whether usage is
incurred while the app is in the foreground or background. We will
additionally track whether data usage is incurred over a metered or
unmetered network, and whether it is incurred over a roaming or native
network.
The APIs are not implemented in this CL; the existing buckets are
still returned with METERING_ALL and ROAMING_ALL to indicate that this
is not yet being tracked.
Bug: 25813438
Bug: 25813958
Change-Id: I76dd3dd063ed28ef5579ca3a978570532e7836bc
Currently, access to network usage history and statistics requires a
signature|privileged permission, an AppOps bit (associated with the
PACKAGE_USAGE_STATS permission), or device/profile ownership. Once
access is granted via one of these mechanisms, it generally applies to
any UID running in the same user as the caller.
This CL expands access as follows:
-Any app can access its own usage history with no extra requirements.
-Carrier-privileged applications can access usage history for the
entire device.
-Device owners can access per-UID breakdowns for usage. Previously
they could access the summary for the whole device, but not the
individual breakdowns.
We simplify the permission model by defining three access levels -
DEFAULT (own app only), USER (all apps in the same user), and DEVICE
(all apps on the device), and propagate these levels throughout.
Finally, this CL fixes an apparent bug in
NetworkStatsSerice#hasAppOpsPermissions - if the AppOp bit was in
MODE_DEFAULT, hasAppOpsPermission would always return false instead of
falling back to the PackageManager permission check.
Bug: 25812859
Bug: 25813856
Change-Id: Ic96e0776e2a4215a400163872acea1ededfaced9
In rare cases, we might have created a network policy before an IMSI
was available. Because this policy is persisted, and we incorrectly
think that it always applies, we end up annoying the user when data
usage goes over the 2GB default warning threshold.
This patch fixes the network matching logic to ignore these empty
network policies when present.
Bug: 24972775
Change-Id: Id26499b6716121dddf0f2c05b848b0bed5995e72
Per UX, default strings should have space between value and units
resulting in "12.3 GB". Add a formatting variant that returns the
various components for callers who want to build their own strings.
For now there is only one mounted emulated volume at a time, and
it's always the primary storage, so give it the default rootId to
keep old Uris working.
Change-Id: Ifcc72a91a6b397ee65dc92642153286186eb64ac
Storage devices are no longer hard-coded, and instead bubble up from
whatever Disk and VolumeBase that vold uncovered, turning into
sibling Java objects in MountService. We now treat vold events as
the source-of-truth for state, and synchronize our state by asking
vold to "reset" whenever we reconnect.
We've now moved to a model where all storage devices are mounted in
the root mount namespace (user boundaries protected with GIDs), so
we no longer need app-to-vold path translation. This also means that
zygote only needs to bind mount the user-specific /mnt/user/n/ path
onto /storage/self/ to make legacy paths like /sdcard work. This
grealy simplifies a lot of system code.
Many parts of the platform depend on a primary storage device always
being present, so we hack together a stub StorageVolume when vold
doesn't have a volume ready yet.
StorageVolume isn't really a volume anymore; it's the user-specific
view onto a volume, so MountService now filters and builds them
based on the calling user. StorageVolume is now immutable, making
it easier to reason about.
Environment now builds all of its paths dynamically based on active
volumes. Adds utility methods to turn int types and flags into
user-readable strings for debugging purposes.
Remove UMS sharing support for now, since no current devices support
it; MTP is the recommended solution going forward because it offers
better multi-user support.
Simplify unmount logic, since vold will now gladly trigger EJECTING
broadcast and kill stubborn processes.
Bug: 19993667
Change-Id: I9842280e61974c91bae15d764e386969aedcd338
Create two special SETs.
SET_DBG_VPN_IN is used by individual applications to know
how much traffic of the NetworkIdentity was actually moved
from a VPN app.
SET_DBG_VPN_OUT is used by the VPN app to know how much
traffic of the NetworkIdentity was deducted.
A debug application can restore the raw stats by these
entries.
raw_traffic = recorded_entry (TAG_NONE, SET_ALL)
+ recorded_entry (TAG_NONE, SET_DBF_VPN_OUT)
- recorded_entry (TAG_NONE, SET_DBF_VPN_IN)
The two debug SETs are not returned by
NetworkStatsService.openSession(). These debug entries are
retrieved by NetworkStatsCollection.dump().
Bug: 19536273
Change-Id: I03ef9f7667f5f2f48cbe3f6b11447fe7ead8ad3b
Added new API consisting of android.app.usage.NetworkUsageManager and
android.app.usage.NetworkUsageStats. Through them data usage on a
network interface can be programmatically queried. Both summary and
details are available.
Bug: 19208876
Change-Id: I0e0c4b37ae23ad1e589d4b0c955b93f28ba4333e
* Creates a new Parcelable class VpnInfo to hold required
parameters for VPN stats adjustments.
* ConnectivityService to collect infomation and provide
a list of VpnInfo, one for each user.
* NetworkStatsService passes the VpnInfo array to
NetworkStatsRecorder.
* NetworkStatsRecorder calls NetworkStats.migrateTun()
to do the math.
* Poll NetworkStats when the vpn application calls
setUnderlyingNetworks().
Bug: 19536273
Change-Id: I7a4c7726b8243fead10416f7ec6eb5cf95f20183
Create a new method to migrate underlying network traffic
from VPN app to other apps.
Bug: 19536273
Change-Id: I3434cad361592e26b01225edf8012f7b16afc98f
Connectivity broadcasts recently changed and are no longer sent for
certain types of network changes. For example, when stacked network
interfaces change for a mobile network. To ensure that we pick up
all these details, directly wire the two services together.
Also remove some unused code for split network types.
Bug: 18666753
Change-Id: I0467bd5b330c0e0cb51af2306d821b41ad16337a
There are some cases where multiple subscriber identities (IMSI)
should be treated as "merged together" from a data usage
perspective. This is done by extending the template used for
matching purposes to support multiple subscribers.
Then, when we query historical usage or set network policies, we
normalize the matching template to merge to any other identities
that should be included. When normalizing, the "lowest" identity
is always used for equality and storage purposes, which allows
identities to come and go over time.
This change also fixes data usage recording for multi-SIM devices
by passing along the concrete subscriber identity for each network
interface. Also correctly create default policies for multi-SIM
devices. This change also drops setPolicyDataEnable() until it can
be wired up to the right underlying NetworkAgent. (This means we
still bring up the network, and then rely on iptables rules to block
traffic when over the limit, instead of proactively disabling the
connection.)
Bug: 18012787
Change-Id: If6acf32009fdfea2b836f5aff8e2f3e5e0248b4a
Define and print a compact version of network statistics when dump
is requested with the "--checkin" flag. Defaults to last 24 hours,
but included data can be tweaked with various flags.
Groups together detailed network identities into larger umbrella
terms like "mobile" and "wifi."
Bug: 18415963
Change-Id: I70cf9c828ea5c6e5bb6884837d3608f66fbad2e6
Internal logic relies on Arrays.copyOf(), so always give ourselves
valid arrays, using shared empty objects to save overhead.
Bug: 17502649
Change-Id: I5dbb00545bdfe45bbd48144ab505ea08cc92cbcd
LinkProperties can represent way more complicated configurations
than what we can actually apply to interfaces. This makes it
error-prone to use it to represent static configuration, both
when trying to apply configuration coming from LinkProperties
and when trying to save configuration from current
LinkProperties.
Instead, move static configuration (IPv4 only, since we don't
support static IPv6 configuration) into a separate
StaticIpConfiguration class.
Bug: 16114392
Bug: 16893413
Change-Id: Ib33f35c004e30b6067bb20235ffa43c247d174df
Some devices use clatd for catching raw IPv4 traffic when running on
a pure-IPv6 carrier network. In those situations, the per-UID
stats are accounted against the clat iface, so framework users need
to combine both the "base" and "stacked" iface usage together.
This also means that policy rules (like restricting background data
or battery saver) need to apply to the stacked ifaces.
Finally, we need to massage stats data slightly:
-- Currently xt_qtaguid double-counts the clatd traffic *leaving*
the device; both against the original UID on the clat iface, and
against UID 0 on the final egress interface.
-- All clatd traffic *arriving* at the device is missing the extra
IPv6 packet header overhead when accounted against the final UID.
Bug: 12249687, 15459248, 16296564
Change-Id: I0ee59d96831f52782de7a980e4cce9b061902fff
Anything that runs as a singleton may need to attribute traffic to
various client apps; in particular, backup transports need to do this.
Apropos of which, introduce a @SystemApi method specifically for that
purpose, setThreadStatsTagBackup().
Bug 16661321
Change-Id: Id5d22e28bdc68edb53f2a1fdba80b144fcbc61d2
This eliminates the need for the ConnectivityService.VpnCallback class.
This requires shifting VPNs to the new "network" netd API.
VpnService.protect() is modified to no longer go through ConnectivityService.
NetworkCapabilities is extended to add a transport type for VPNs and a
capability requiring a non-VPN (so the default NetworkRequest isn't satisfied
by a VPN).
bug:15409918
Change-Id: Ic4498f1961582208add6f375ad16ce376ee9eb95
1. Remove incorrect @return tag for void function.
2. Fix build breakage by removing the reference to
#ETHERNET_SERVICE, which is hidden.
Change-Id: Ia893464bafc8257e48e0bd710d27954b535fcece
The implementation will live in frameworks/opt/net/ethernet.
Bug: 7606609
Bug: 8687763
Bug: 14993642
Bug: 14981801
Change-Id: Ic771e268b0c78f0fc32f46af6fe0dd7c634a426e
The API and implementation of NsdManager imply that a separate
Listener is to be used for each active registration or discovery
request. This isn't formally documented or properly enforced, and
weird and unpredictable things happen if an application uses a
Listener for more than one request at a time.
Update documentation to make this an explicit requirement.
Enforce the restriction when a new request is submitted for
processing; if the Listener is already being used to track an active
request, throw an exception.
Document the fact that apps should unregister services and cancel
service discoveries when the app is stopped (in KitKat and prior
releases, they'll leak if this isn't done.)
Re-order "release the Listener" operation to occur before the Listener
callback, so that the Listener can be reused by the application once
the callback has been entered - this eliminates a race condition.
Document this.
Pass 2: typos, added documentation about API level, changed to using
an explicitly defined return value for "busy listener".
Bug: 13512512
Change-Id: Ic164110759204b27d8a14376777b593ebe1865fa
Due to race conditions or programming errors, the NsdManager
can attempt to process an asynchronous status message (and issue
a callback to the listener) after the listener has already been
removed from the NsdManager state. This causes dereferencing of
null objects, and a crash.
Split out the three async-queue message cases: these are ones
in which message.arg2 does not hold an NsdManager array index
and the code should not interpret this field as if it were.
Add an explicit check for "null listener" (the array index in the
message has already been released), log a warning, and exit early.
Safeguard accesses to the "NSD service type" string from a possibly
null) NsdServiceInfo object... return a constant "?" string rather
than crashing.
Bug: 9016259
Manual cherrypick of commit b1fbb14122a99c62363a949dd634294f5e887ef,
change-ID I7a6ff6842cf035cefbafe2a023ae1fd43734081e in master.
Change-Id: I8d9b7a1763d47d061a0f46b3cb453de4bdb8c2ed
