registerSystemDefaultNetworkCallback is required by WifiTrackerLib to
detect the system default network for UI purposes. Currently this API is
allowed for holders of the NETWORK_SETTINGS permission, but not
NETWORK_SETUP_WIZARD. Since SUW also uses WifiTrackerLib, we should
allow this API for NETWORK_SETUP_WIZARD as well.
Bug: 230643853
Test: atest ConnectivityServiceTest
Change-Id: Ic01a186f91ed67b4603b6b8964921be7473a483a
Create a new API - setVpnNetworkPreference() for the caller to
set VPN as the preference network.
VPN will be disconnected when its underlying network is gone.
To prevent packets going through an underlying network when the
underlying network is back but VPN is not connected yet, set VPN
as the only preferred network for specific apps.
Bug: 231749077
Test: 1. atest FrameworksNetTests
2. Create a test app to register default network and check if
the VPN is the only default network for the test app.
Change-Id: Iabcd38e2fec2aefedbf78d20e338f222d83a9e7f
Some callers (e.g. iwlan) need to learn about system default
network but they cannot have NETWORK_SETTINGS permission.
To allow them to use this API but prevent from misuse by
unprivileged apps, enforce USE_RESTRICTED_NETWORKS for this API.
Test: atest com.android.server.ConnectivityServiceTest#testRegisterPrivilegedDefaultCallbacksRequireNetworkSettings android.net.cts.ConnectivityManagerTest#testRegisterNetworkCallback
Fix: 242456635
Change-Id: I80ab27445af874328c9c0f4814a8fbf035ae5df4
* changes:
TestNetworkInterface: add support for MacAddress and MTU
TestNetworkService: add support for creating iface without carrier
TestNetworkService: Add support for toggling carrier on tun/tap
TestNetworkService: Fix TestNetworkInterface parcel flags
Both MacAddress and MTU size are often needed in tests and very painful
to get a hold of without system server permissions.
Test: TH
Change-Id: Ie1a91959916ea39277e76aa1b61f38d59a5d2a90
Use int array for included and excluded uids so that uses
same data type as in PreferentialNetworkServiceConfig
Bug: 217365439
Test: ran connectivity service unit tests
Change-Id: I9ac7e6498df2fd20b8397b2c110296e019c7389e
Split the updateXXX methods into an addXXX and removeXXX instead of using
a boolean parameter to indicate whether the uid should be added or removed
Bug: 218494748
Test: atest FrameworksNetTests
Change-Id: I868cf35c8f51b25d8719e618c6c48a5cd642da7f
swapActiveStatsMap is temporary added for the NetworkStatsFactory to
call BpfNetMaps#swapActiveStatsMap in tethering mainline module. Now
NetworkStatsFactory already be mainlined, calling BpfNetMaps#swapActiveStatsMap
directly.
Bug: 218494448
Test: atest ConnectivityCoverageTests
atest FrameworksNetTests
Change-Id: I3358e4ac5fb7ed0964273afdbccd1b4128ca7645
The API won't modify the passed NetworkCapabilities and
LinkProperties, but redactNetworkCapabilitiesForPackage and
redactLinkPropertiesForPackage sound like they will. To reduce
the confusion, rename the API with prefix "getRedacted".
Also modify the javadoc to describe more about what the API will
do if the given UID doesn't have location permission.
Bug: 220367512
Test: atest CtsNetTestCases
Change-Id: I964f1062da1ae96df9b369b911486da1379b8a19
Update API name from getVpnRequiresValidation to
isVpnValidationRequired according to API review feedback.
Test: atest FrameworksNetTests
Bug: 220129160
Change-Id: I1025f4c35b320c14e872eaffd7ed82658a5f3d0c
Some system components like VPN need to know how to redact
NetworkCapabilities & LinkProperties that they received from
the system but need to send to third-party applications with
less privilege than themselves. To make sure the redaction is
consistent, expose system API methods to do it that are wired
to the same redaction code used by ConnectivityService.
Bug: 191413541
Test: atest CtsNetTestCases, which includes new CTS for these
Change-Id: Ia3ae4755b5192884c147d6828f96cedac000a25b
The INGRESS_RATE_LIMIT_BYTES_PER_SECOND setting controls the rate limit
for internet networks. If set to -1, no rate limit applies. There is
one global rate limit that will be applied to all networks with
NET_CAPABILITY_INTERNET.
Test: atest ConnectivitySettingsManagerTest
Bug: 157552970
Change-Id: Ia82aa867686d484ce46734f76d4a48bf864eff84
Address API review feedback to change naming of
setExcludedLocalRoutesVpn and getter.
Bug: 217742354
Test: atest FrameworksNetTests
Change-Id: I57bbf55c7aba1c86ec8687d2431a50b37e63c6d0
This adds a new API that lets VPN apps using VpnManager request
that the platform run its basic validation check on the resulting
network.
Bug: 184750836
Test: atest FrameworksNetTests
Change-Id: I00092eee857d3e33529b19461cfd5dd060a0fe20
CTS already have basic tests for this since they run the common tests,
which were using these hidden methods already.
Test: CtsNetTestCases
Change-Id: Id5e5b911f5c63bdd3b05e5ac1d3dd89c1c525ab7
This CL should be reverted before T sdk finalized.
This API is temporary added for the NetworkStatsFactory which is platform
code but will be moved into connectivity (tethering) mainline module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I5894450f3089b2ea105722a18ddf8f1eed1c28a0
To deprecated firewallReplaceUidChain netd binder and move the
functionality to tethering (connectivity) mainline module, expose
replaceFirewallChain to support the caller outside the module.
Currently the API are still call to netd. Will replace with the
implementation inside tethering (connectivity) module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: If7a87548b0a3acda00a1455da4e4ff24a630ddc7
To deprecated firewallEnableChildChain netd binder and move the
functionality to tethering (connectivity) mainline module, expose
setFirewallChainEnabled to support the caller outside the module.
Currently the API are still call to netd. Will replace with the
implementation inside tethering (connectivity) module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I9b64c9d12260521489a87fbeae5afbee2a8ea8f6
To deprecated firewallSetUidRule netd binder and move the functionality to
tethering (connectivity) mainline module, expose updateFirewallRule to
support the caller outside the module. Currently the API are still call
to netd. Will replace with the implementation inside tethering
(connectivity) module.
Bug: 209935649
Test: atest CtsHostsideNetworkTests
Change-Id: I0b53c999e06c2378afec0eb491815ec398c91b0b
Add a method to apply a set of network preferences to a user profile
Bug: 194332512
CTS-Coverage-Bug: 211133973
Test: CTS
Change-Id: I97730ea14e7c96922236fd77a591e5acadd875ba
To deprecated below netd binder interfaces and move the functionality to
tethering(connectivity) mainline module:
bandwidthAddNaughtyApp
bandwidthRemoveNaughtyApp
bandwidthAddNiceApp
bandwidthRemoveNiceApp
Expose updateMeteredNetwork{Allow, Deny}List APIs to support the caller
outside the module. Currently the two APIs are still call to INetd
binders. Once functionality is moved to mainline module, will switch to
use them.
Bug: 209935649
Test: m
Change-Id: I8df720935748c2587f91a7b760cfd5a93a0fa852
As API review feedback, setting allowed on restricted networks
should be by uid instead of package name for security reason.
Thus, update the getter/setter to return/accept set of uids.
Bug: 188085693
Test: atest FrameworksNetTests
Merged-In: I979bf98075e6c9c0ed7e891582843fddb62643cb
Change-Id: I979bf98075e6c9c0ed7e891582843fddb62643cb
