The crash occurs when some app has more than half its limit
in requests that will need to be moved to some other default
network upon changing the preferences.
This will send the requests for this app over the limit
temporarily when creating new requests for the reevaluated
ones.
While ConnectivityService has a provision for making a
transaction-like addition/removal of requests that is meant
to avoid exactly this kind of crash with the transact()
method on PerUidCounter, the code only transacts on
mSystemNetworkRequestCounter. But these requests are counted
in the mNetworkRequestCounters, which is not part of the
transaction, causing the crash anyway.
To avoid the problem, this patch allows the request counters
to go over the max if and only if the system server is
updating the request counts for a UID other than its own.
This should allow only the case where ConnectivityService is
moving the requests over to the new per-uid default, while
keeping the exception when registering from an app (then the
calling UID is not the system server), or when the system
server registers its own requests (then the UID inside the
request is that of the system server).
A much better solution than this patch would be to completely
eliminate the transact() method by somehow unregistering the
old ones before creating the new ones.
However this would be a much bigger and difficult patch than
this, and much more dangerous, because callers depend on the
list of requests to find out the old requests to remove, so
they have to be created first.
Another possible clean solution would be to count the
requests not in the NRI constructor, but later. This would be
more error-prone though because it would be very easy to
create an NRI without counting it.
Bug: 192470012
Test: ConnectivityServiceTest. Improve tests so they catch
this case.
Original change: https://android-review.googlesource.com/c/platform/packages/modules/Connectivity/+/1781202
Merged-In: Ia482e6fbf2bf300ce6cbaca72810d394ed201b98
Change-Id: I6744d2f60d6bd664f048b532a58461c110a5b7fe
(cherry picked from commit 916aeb7b0d)
The scenario is as follows : an app registers a network callback,
then unregisters it and dies immediately after. In this scenario,
the system server will receive a notification of the binder death
and enqueue a call to handleRemoveNetworkRequest. If the callback
unregister message has been process first, this call would result
in unlinkToDeath being called twice on the same Binder, crashing.
This patch fixes the problem by using handleReleaseNetworkRequest
instead of Remove, which looks up the NRI in a map on the handler
thread before calling Remove, returning without doing anything if
the NRI has already been removed.
Test: ConnectivityServiceTest
Test: New test for this
Bug: 194394697
Merged-In: I82a28c37450146838410bf5a059aac295a985fca
Change-Id: Iddab205cf2754d326be816e6e8e92c2cc0b95771
(cherry picked from commit d79bd5c622)
Currently, to prevent from network connect-teardown-loops that
caused by inaccurate reports, e.g. the provider always provides
a better network than the offer, the NetworkOffer is considered
needed if its provider is currently serving the request. This
is because there is no accurate way to know whether the offer is
corresponding to the network that is currently serving the
request.
However, if the offer cannot even satisfies the request, consider
the offer is needed does not make any sense. Since it can
never be the one that currently serving the request, nor be
the one that might beat current satisfier.
Test: android.net.NetworkProviderTest
Bug: 189074532
Original-Change: https://android-review.googlesource.com/1731452
Merged-In: Ie3ea59f980c3767782b8e6b03e401c02f664f9bd
Change-Id: Ie3ea59f980c3767782b8e6b03e401c02f664f9bd
Currently netd supports only the default value for VPN but CS
send priorty value 1 to netd. It will break the default routing
for VPN. Thus, update network preference priority value to 0 for
VPN.
Bug: 193245476
Test: atest CtsHostsideNetworkTests:HostsideVpnTests
Original-Change: https://android-review.googlesource.com/1762867
Merged-In: I197cb358e8e30355fbf675e4c623abebe7abdb7f
Change-Id: I197cb358e8e30355fbf675e4c623abebe7abdb7f
When NetworkRequestInfo#binderDied is called in ConnectivityService,
only pass the NRI to handleRemoveNetworkRequest. This is to prevent a
potential crash when unlinkDeathRecipient is called twice for the same
NRI.
Also, as a cleanup, don't iterate mRequests in the log message on binderDied.
As per the bug, the chain of events leading to a potential crash are:
- `Connectivity.NetworkRequestInfo#binderDied()` is called for an NRI
tracking multiple `NetworkRequest` items. This can happen for a TRACK_DEFAULT
request filed by a UID on a different preference than the default, which
copies the request list.
- This in turn triggers multiple `EVENT_RELEASE_NETWORK_REQUEST` events
for the same NRI, one for reach `NetworkRequest` tracked.
- When handling `EVENT_RELEASE_NETWORK_REQUEST`, each `NetworkRequest`
that is passed in will then be used to look up the parent NRI that originally
sent it to be released.
- Therefore if an NRI was tracking three requests, it would trigger three
release network events, then each request would be used to look up the
same NRI again when handling said release event.
- Finally, `ConnectivityService.NetworkRequestInfo#unlinkDeathRecipient` is
called for the NRI in question. Using the scenario above, that means we could
call `unlinkDeathRecipient` multiple times for the same NRI if it was tracking
multiple network requests causing the associated crash.
- If `unlinkDeathRecipient` is called more than once for the same NRI, it will
cause the crash listed in this bug.
- The fix is to only call handleRemoveNetworkRequest for the NRI once. This
works since when removing the NRI, we iterate over all of its requests to
remove them. By only calling handleRemoveNetworkRequest once, it's ensured
`unlinkDeathRecipient` for this NRI as part of
`Connectivity.NetworkRequestInfo#binderDied()` is only called once and not
potentially multiple times.
Bug: 185541983
Change-Id: I918c8620f2975d810894c178277771764923b5a4
Test: atest FrameworksNetTests
Merged-In: I2a2ad4ec6d415423182a1856a898779203658f8b
- Each network preference has been assigned a priority value so
that netd can know which uid range rule has higher priority. So
remove the restriction that all network preferences are
exclusive.
- Add priority check when getting request for uid.
Bug: 171872461
Test: atest FrameworksNetTests
Ignore-AOSP-First: Needs cherry-picks
Change-Id: I6912db753c8b4a194aa7af92b01ca6dcfec10d8b
Certain network types, like the VCN, have underlying
networks for the purpose of data usage, but do not want to
propagate the underlying network capabilities.
Allow these networks to set underlying networks, but continue
not to propagate the capabilities.
Bug: 190620024
Test: new unit test
Original-Change: https://android-review.googlesource.com/1753619
Merged-In: I53d6080f48707ff3c37fbfbef534284ba77a7432
Change-Id: I53d6080f48707ff3c37fbfbef534284ba77a7432
- If Mobile data always on is OFF, mobile data preferred uids
feature does not work.
- We need to request mobile data when MDO list is not empty.
Bug: 171872461
Test: atest FrameworksNetTests
Test: atest CtsNetTestCases
Signed-off-by: Ansik <ansik.shin@samsung.com>
Original-Change: https://android-review.googlesource.com/1751023
Merged-In: Ie9d6b3e39ef16813c4be3979900d226c8f3d656d
Change-Id: Ie9d6b3e39ef16813c4be3979900d226c8f3d656d
Replace network[Add|Remove]UidRanges to
network[Add|Remove]UidRangesParcel. The new methods are passing
NativeUidRangeConfig which contains priority value for each uid
range rules.
Bug: 171872461
Test: atest FrameworksNetTests
Test: atest HostsideVpnTests
Ignore-AOSP-First: Need cherry-pick
Change-Id: I08bbdbcb8450b08e6208fa730137348550f9e3d2
Currently, ConnectivityService uses EVENT_REGISTER_NETWORK_LISTENER
to dispatch registering network callback with pending intent, this
is wrong since the code flow will not check if the pending intent
is duplicated. Thus, the registration will be duplicated if the
caller uses the same pending intent and register multiple times.
This change fixes the logic by using
EVENT_REGISTER_NETWORK_LISTENER_WITH_INTENT instead of
EVENT_REGISTER_NETWORK_LISTENER when dispatching register network
callback with pending intent.
Test: atest android.net.cts.ConnectivityManagerTest#testRegisterNetworkRequest_identicalPendingIntents
Test: atest android.net.cts.ConnectivityManagerTest#testRegisterNetworkCallback_identicalPendingIntents
Test: atest ConnectivityServiceTest#testNetworkCallbackMaximum
Test: 1. Use test app to file callback with same PendingIntent
2. Check dumpsys output
Bug: 189868426
Original-Change: https://android-review.googlesource.com/1727470
Merged-In: I38bdea3a026a78a6dc34b5200d43a75b3cd1ac0c
Change-Id: I38bdea3a026a78a6dc34b5200d43a75b3cd1ac0c
In S ConnectivityService was changed to use getActiveRequest() to fill
EXTRA_NETWORK_REQUEST, but there is no active request in the case of
listens.
When getActiveRequest() is missing, use the first mRequest instead. This
should match previous behavior.
Bug: 191713869
Test: atest android.net.cts.ConnectivityManagerTest
Original-Change: https://android-review.googlesource.com/1748153
Merged-In: Id7343a4cc020aba16b7979b16334721c56b2839c
Change-Id: Id7343a4cc020aba16b7979b16334721c56b2839c
ConnectivityManager.setAvoidUnvalidated only works if the
config_networkAvoidBadWifi configuration is set to 0 and the
NETWORK_AVOID_BAD_WIFI setting is unset. There is no easy way
for a testing app to temporary set a test value to verify the
behavior of the API. Thus, add a mechanism to allow test app
to set a period of time to temporary unstrict the resource
configuration, i.e. Temporary simulate config_networkAvoidBadWifi
configured to 0.
Bug: 186061922
Test: atest CtsNetTestCases FrameworksNetTests
Original-Change: https://android-review.googlesource.com/1733788
Merged-In: If772078c61a9b12926f104d5dfc9c9071e844732
Change-Id: If772078c61a9b12926f104d5dfc9c9071e844732
To allow unit tests to run without platform certificates, remove
signature permission usage in ConnectivityServiceTest.
This mocks permission checks done in ConnectivityService for which the
test assumed that the permission was held, and mocks calls to
BatteryStatsManager. Calls to ActivityManagerService (through
PendingIntent) are done with shell permissions as the test uses real
PendingIntent mechanics.
Bug: 187935317
Test: atest FrameworksNetTests
Merged-In: If309d653ac2e9bbcf1b94bcee6336367289df359
Change-Id: If309d653ac2e9bbcf1b94bcee6336367289df359
Original change: https://android-review.googlesource.com/c/platform/packages/modules/Connectivity/+/1736615
(cherry picked from commit 595dda3604)
Change-Id: Idb19b0f7cb87bb4d9de7a0b1a0e4128c2d6b9c6d
When the apps moved from/to a VPN, a proxy broadcast is needed to
inform the apps that the proxy might be changed since the default
network satisfied by the apps might also changed.
Since the framework does not track the defautlt network of every
apps, thus, this is done when:
1. VPN connects/disconnects.
2. List of uids that apply to the VPN has changed.
While 1 is already covered by the current design, the CL implements
2 in order to fulfill the case that different networks have
different proxies.
Bug: 178727215
Test: atest FrameworksNetTests
Original-Change: https://android-review.googlesource.com/1717735
Merged-In: Ifa103dd66394026d752b407a1bee740c9fcdad2b
Change-Id: Ifa103dd66394026d752b407a1bee740c9fcdad2b
Updates to ConnectivityService so that the set OEM network preference
per app APIs can be tested via CTS.
Bug: 176496580
Bug: 176494815
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
atest CtsNetTestCasesLatestSdk
Original-Change: https://android-review.googlesource.com/1723050
Merged-In: I5a47dcece31749293f080af060218d827082eb67
Change-Id: I5a47dcece31749293f080af060218d827082eb67
Per-app network functionality assumed all apps were installed for user 0
which is not always the case. This fix will address that by checking for
the existance of an app for all users and adding it to the per-app
network preference as was originally intended. Prior, no apps were
included if they were not installed for user 0 even if they were
available for another user such as user 10 in automotive.
Bug: 189838408
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
atest CtsNetTestCases
Original-Change: https://android-review.googlesource.com/1723617
Merged-In: I7d75cdb02041e7a202254be2eaeca6c2b02d7c29
Change-Id: I7d75cdb02041e7a202254be2eaeca6c2b02d7c29
Currently, when a network that uses 464xlat is torn down,
NetworkCallbacks will receive onLinkPropertiesChanged after
onLost. This is confusing and incorrect.
The incorrect callback is sent because handleLinkProperties
checks that the netId of the agent still exists, not that the
NetworkAgent is still registered. This is normally correct,
because the NetworkAgent is removed from mNetworkAgentInfos and
the netId are removed from mNetworkForNetId by the same method,
disconnectAndDestroyNetwork.
In this specific case it's not correct, because the call to
handleUpdateLinkProperties is from disconnectAndDestroyNetwork
itself via nai.clatd.update and calls Nat464Xlat#stop.
No other callers of handleUpdateLinkProperties are affected
because:
- EVENT_NETWORK_PROPERTIES_CHANGED is called only by
maybeHandleNetworkAgentMessage, which first checks that the
NetworkAgent is registered.
- handlePrivateDnsSettingsChanged only looks at registered
NetworkAgents (it loops over mNetworkAgentInfos).
- handlePrivateDnsValidationUpdate, handleNat64PrefixEvent and
handleCapportApiDataUpdate call getNetworkAgentInfoForNetId,
which will correctly determine that the agent is no longer
registered, since they run on the handler thread and thus
cannot run at the same time as disconnectAndDestroyNetwork.
The existing code contains a check for the netId being current.
This is intended to ensure that an update from a NetworkAgent
cannot affect another agent with the same Network. This extra
check is not necessary, because code running on the handler
thread can never observe a NetworkAgent in mNetworkAgentInfos
unless mNetworkForNetId maps that NetworkAgent's Network to that
NetworkAgent. This is because mNetworkForNetId is updated by the
same methods as mNetworkAgentInfos, and those updates occur on
the handler thread. So all code on the handler thread will see
those two as consistent.
Bug: 176496580
Test: atest FrameworksNetTests CtsNetTestCases HostsideVpnTests
Original-Change: https://android-review.googlesource.com/1727829
Merged-In: I944f4c6ad36206bdccd85a6ea7ef71324a29c685
Change-Id: I944f4c6ad36206bdccd85a6ea7ef71324a29c685
- Add default network priority to NetworkRequestInfo.
- The default network priority value is used when issue uid
ranges rules to netd. Netd will use the priority value and uid
ranges to generate corresponding ip rules specific to the given
network preference.
Bug: 171872461
Test: atest FrameworksNetTests
Ignore-AOSP-First: Needs cherry-picks
Change-Id: I0ea71b348492aeb4784d487bed4cfd5d387426ba
- Add more tests for mobile data preferred uids.
- Also address leftover comments on implementation commit.
Bug: 171872461
Test: atest FrameworksNetTests
Ignore-AOSP-First: Needs cherry-picks
Change-Id: I63f65bffc1b8883ddfd774222e26e629d7ea1f94
This CL updates ConnectivityDiagnostics permission checks in
ConnectivityService to only require location permission for Networks
that have TRANSPORT_WIFI. This change is consistent with the location
restrictions required for the transports themselves. Previously,
location permissions were required for all Network types.
Bug: 187310575
Test: atest ConnectivityServiceTest ConnectivityDiagnosticsManagerTest
Change-Id: I48806533e4e705d2d9be45f3b3d3931d9294b167
Merged-In: I48806533e4e705d2d9be45f3b3d3931d9294b167
(cherry picked from commit 0990af5148)
This library can be removed because the annotations are no longer
used out of module.
@RestrictBackgroundStatus and @MultipathPreference are defined
in connectivity mainline module. Annotate these in non-updatable
platform is not going to be manageable long term. For example,
if the module gets updated and the annotation gets more values
then it's a problem in non-updatable platform. So, it should
not have IntDef cross module boundaries.
Ignore-AOSP-First: AOSP doesn't include this change yet
Bug: 183972925
Test: build
Change-Id: I63f1fde73c4ffdaff9fda914e33cbb5a110ba64e
This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
Merged-In: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
(cherry picked from commit f3d0fc49db)
When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Merged-In: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
(cherry picked from commit 10ba4b773b)
Stop reading legacy resources as fallback, and only use resources in
ServiceConnectivityResources.
Bug: 185850634
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: I224f1ef9a1a8d6e636c7e9550845ab3e1394d7f3
Currently, unprivileged apps can call getAllNetworks() to see
all networks on the system, even networks that do not apply to
them. Allow them to do this via NetworkCallbacks as well.
This is the last piece of information that was only available
through getAllNetworks, so this CL deprecates that API.
Bug: 187921303
Test: new unit tests
Test: CTS test in other CL in topic
Change-Id: I30f1021927d3c8eae6525116c61ff4a4acecff6d
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
Merged-In: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
This is declared in the API surface, but the implementation
does not match.
Ignore-AOSP-First: Needs cherry-picks
Test: atest CtsNetTestCases:android.net.cts.ConnectivityManagerTest#testGetAllNetworkStateSnapshots
Bug: 188140631
Change-Id: I97aa69651461ebe5c323ec669372f9a61b84e6a6
This change is to address API review, add respective
@IntDef for network policy API.
Typedef cannot be exposed as SystemApi so add
ConnectivityAnnotations class and add an annotation library
so that it can be used in module and platform.
Bug: 183972925
Test: m, build doc target framework-doc-stubs_annotations.zip
and check the APIs have an attribute IntDef annotation
Change-Id: Ie3ec40cf48818edd422a4550377774eae387d3b2
The service-connectivity sources should be in
packages/modules/Connectivity. Move them to
frameworks/base/packages/Connectivity, so that the whole directory can
be moved to the dedicated packages/modules/Connectivity git project.
Bug: 186628461
Test: m
Merged-In: I26d1a274058fa38763ad4f605549d880865b4d76
Change-Id: Ie0562db92ebee269b901926d763ae907bde61b98
The service-connectivity sources should be in
packages/modules/Connectivity. Move them to
frameworks/base/packages/Connectivity, so that the whole directory can
be moved to the dedicated packages/modules/Connectivity git project.
Bug: 186628461
Test: m
Change-Id: I26d1a274058fa38763ad4f605549d880865b4d76
