Let PermissionMonitor read APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting and grant netd system permission to uids whose package
name is listed in setting.
Bug: 185149952
Test: atest FrameworksNetTests
Merged-In: I856b545c0339a262abbe9d432cfda125bc82dc12
(clean cherry-pick)
Change-Id: I856b545c0339a262abbe9d432cfda125bc82dc12
Currently, unprivileged apps can call getAllNetworks() to see
all networks on the system, even networks that do not apply to
them. Allow them to do this via NetworkCallbacks as well.
This is the last piece of information that was only available
through getAllNetworks, so this CL deprecates that API.
Bug: 187921303
Test: new unit tests
Test: CTS test in other CL in topic
Change-Id: I30f1021927d3c8eae6525116c61ff4a4acecff6d
The build file currently holds a single build rule in test/. Move it to
the existing build file in tests/common/Android.bp.
Test: m
Bug: 186628461
Change-Id: I3948c9b46e2647f945a22f16aad493e94fe50b4d
Yielding cell wins to exiting wifi (whether good or bad).
It loses to bad wifi that's not exiting.
In R, yielding to bad wifi only affects wifis that are
unvalidated, but a wifi that is exiting should still be
dropped in favor of a cell that yields to bad wifi.
I had misunderstood the policy and implemented it wrong.
Now it's implemented right, and has careful tests.
Test: new tests for this
Bug: 186458024
Change-Id: Ib8637100d491e72a2edb837584ce55b7dda58524
Address API review feedback, other APIs have been refering to
these as "interface" instead of "iface" so migrate the APIs named
*Iface* to *Interface*.
(cherry-picked from ag/14326779)
Bug: 183972554
Test: atest android.net.UnderlyingNetworkInfoTest
Merged-In: I38b476e762fb57fa88c4a789092d0af6f5330d80
Change-Id: I38b476e762fb57fa88c4a789092d0af6f5330d80
This CL adds APIs for telephony to perform filter matching based on
remote address if the socket is connected. Additional checks will be
performed on the state of socket to avoid the future callbacks in a
separate CL.
Bug: 181916576
Test: Manually verified in live T-Mobile network
atest ConnectivityServiceTest
atest com.android.internal.telephony.dataconnection.QosCallbackTrackerTest
Change-Id: I6fbd4e84c76bc4acbf4e59f06f8e86e0237bae29
Currently, NetworkCapabilities always redacts the TransportInfo
objects it contains whenever a defensive copy is made. This makes
it impossible to make a defensive copy on a TransportInfo
parcelled from another process without redacting it.
Stop redacting by default; instead rely on ConnectivityService
explicitly calling NetworkCapabilities' redacting constructor
when it returns a NetworkCapabilities object to an app via a
callback or synchronous call. This is currently done by
- createWithLocationInfoSanitizedIfNecessaryWhenParceled, which
is called from callCallbackForRequest, getNetworkCapabilities,
and getDefaultNetworkCapabilitiesForUser.
- getNetworkCapabilitiesWithoutUids, which is used when sending
ConnectivityDiagnosticsManager callbacks. In this method,
unconditionally redact all information, which is what the code
did previously due to the default redaction setting for empty
NetworkCapabilities objects being REDACT_ALL.
Bug: 183938194
Test: atest NetworkCapabilitiesTest
Test: atest FrameworksNetTests CtsNetTestCases HostsideVpnTests
Change-Id: I3108ee94cb0930958e071ba678c3554525b0db82
Move the tests together with packages/Connectivity code, so both can be
moved to packages/modules/Connectivity together.
Also reorganize unit tests in a unit/ directory, as other tests
(integration/, common/ etc.) have been added in tests/net since they
were created. This makes the directory structure consistent.
Test: atest FrameworksNetTests
Bug: 187814163
Merged-In: I254ffd1c08ec058d594b4ea55cbae5505f8497cc
Change-Id: I254ffd1c08ec058d594b4ea55cbae5505f8497cc
Move the tests together with packages/Connectivity code, so both can be
moved to packages/modules/Connectivity together.
Also reorganize unit tests in a unit/ directory, as other tests
(integration/, common/ etc.) have been added in tests/net since they
were created. This makes the directory structure consistent.
Test: atest FrameworksNetTests
Bug: 187814163
Ignore-AOSP-First: needs per-branch move for merge conflicts
Change-Id: I254ffd1c08ec058d594b4ea55cbae5505f8497cc
VPN types are defined in both VpnManager.java and NativeVpnType.aidl.
The definitions on both sides should match (except TYPE_VPN_NONE).
VpnManager.java:
TYPE_VPN_NONE = -1
TYPE_VPN_SERVICE = 1
TYPE_VPN_PLATFORM = 2
TYPE_VPN_LEGACY = 3
TYPE_VPN_OEM = 4
NativeVpnType.aidl:
SERVICE = 1
PLATFORM = 2
LEGACY = 3
OEM = 4
Bug: N/A
Test: atest android.net.VpnManagerTest#testVpnTypesEqual
Change-Id: Ie618e227d861100c5318da696140e486af1093a0
Currently, NetworkCapabilities always redacts the TransportInfo
objects it contains whenever a defensive copy is made. This makes
it impossible to make a defensive copy on a TransportInfo
parcelled from another process without redacting it.
Stop redacting by default; instead rely on ConnectivityService
explicitly calling NetworkCapabilities' redacting constructor
when it returns a NetworkCapabilities object to an app via a
callback or synchronous call. This is currently done by
- createWithLocationInfoSanitizedIfNecessaryWhenParceled, which
is called from callCallbackForRequest, getNetworkCapabilities,
and getDefaultNetworkCapabilitiesForUser.
- getNetworkCapabilitiesWithoutUids, which is used when sending
ConnectivityDiagnosticsManager callbacks. In this method,
unconditionally redact all information, which is what the code
did previously due to the default redaction setting for empty
NetworkCapabilities objects being REDACT_ALL.
Bug: 183938194
Test: atest NetworkCapabilitiesTest
Test: atest FrameworksNetTests CtsNetTestCases HostsideVpnTests
Change-Id: I3108ee94cb0930958e071ba678c3554525b0db82
Addresses API council feedback.
Bug: 184890428
Test: atest FrameworksNetTests CtsNetTestCases
Test: atest CtsNetTestCasesLatestSdk:NetworkCapabilitiesTest on R device
Change-Id: Id7c68fbf56ee08fcad8e8e3aacf037fa1885936b
networkCreatePhysical and networkCreateVpn are non-extensible. In order
to pass OEM requested VPN type to Netd, we need to migrate to
networkCreate API.
Modify test code accordingly since networkCreatePhysical and
networkCreateVpn have been deprecated on Netd.
Bug: 171872481
Test: atest FrameworksNetTests
atest atest HostsideVpnTests
Change-Id: I50ab8615346c49559c16e815482e7804a1e765c8
sendNetworkConditionsBroadcast is removed, so
TestNetworkStackService.kt cannot override it anymore,
otherwise there will be a build break when running this
test.
Also add a comment for NETWORK_CONDITIONS_MEASURED in
AndroidManifest.xml.
Bug: 124415874
Test: atest FrameworksNetIntegrationTests
Change-Id: I7b43940dc32826c70fa82f471b35bc5cb8394aad
Merged-In: I7b43940dc32826c70fa82f471b35bc5cb8394aad
This change adds support for IPsec forward policies, which are necessary
for packets to be allowed to be forwarded to another interface, as is
the case with tethering. This is necessary and useful only within the
system server, and as such is not exposed as a public API.
This change is safe, since the addition of a FWD policy on IPsec tunnel
interfaces will by default block forwarded traffic (as would be the case
without this patch). In the event that the (system) owner of the tunnel
requires support for forwarded packets (eg tethering), this patch allows
application of transforms in the FWD direction as well.
This will be used to ensure that the VCN can be used as the underlying
network for the purposes of tethering.
Bug: 185495453
Test: atest IpSecServiceTest
Test: atest IpSecServiceParameterizedTest
Test: manual testing with tethering over VCN
Change-Id: I74ecea71f1954029f6fbdbe34598c82e0aac386b
Addresses API council feedback.
Bug: 184890428
Test: atest FrameworksNetTests CtsNetTestCases
Test: atest CtsNetTestCasesLatestSdk:NetworkCapabilitiesTest on R device
Change-Id: Id7c68fbf56ee08fcad8e8e3aacf037fa1885936b
Update PrivateDnsMode from StringDef to IntDef because IntDef is
the normal way of representing multiple choices in public API.
Also update other related files.
Bug: 185311744
Test: 1. make update-api
2. atest FrameworksNetTests CtsNetTestCases CtsNetTestCasesLatestSdk
3. atest FrameworksServicesTests:DevicePolicyManagerTest
Change-Id: I23e7ec140066979726d769cabc5f7057bb2167e6
Merged-In: I23e7ec140066979726d769cabc5f7057bb2167e6
(Cherry-picked from ag/14227609)
Address API review feedback, other APIs have been refering to
these as "interface" instead of "iface" so migrate the APIs named
*Iface* to *Interface*.
Bug: 183972554
Test: atest android.net.UnderlyingNetworkInfoTest
Change-Id: I38b476e762fb57fa88c4a789092d0af6f5330d80
- Querying PackageInfo should have MATCH_ANY_USER flag because
some apps are only installed for specific users. If no flag,
it will get NameNotFoundException.
- Also add missed break on switch case.
Bug: 186382373
Test: atests FrameworksNetTests
Change-Id: I37c8c42352a9a84ccbe9a37248febcd62b8f59e4
Changing the per-app default request flows to fallback to a request of
type TRACK_DEFAULT as opposed to type REQUEST. The main benefit of this
change is that these requests will no longer be sent to the factories
which is desired.
Bug: 180452284
Bug: 176494815
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
atest CtsNetTestCasesLatestSdk
Change-Id: I312e55a54f70aa82953a32ab9369d5afc02b75e5
Merged-In: I312e55a54f70aa82953a32ab9369d5afc02b75e5
Update PrivateDnsMode from StringDef to IntDef because IntDef is
the normal way of representing multiple choices in public API.
Also update other related files.
Bug: 185311744
Test: 1. make update-api
2. atest FrameworksNetTests CtsNetTestCases CtsNetTestCasesLatestSdk
3. atest FrameworksServicesTests:DevicePolicyManagerTest
Change-Id: I23e7ec140066979726d769cabc5f7057bb2167e6
Address API review feedback to:
- Rename NetworkAgent#setTeardownDelayMs to
NetworkAgent#setTeardownDelayMillis
- Use getters instead of fields in VpnTransportInfo
- Rename registerDefaultNetworkCallbackAsUid to
registerDefaultNetworkCallbackForUid in ConnectiivityManager
Bug: 183972850
Bug: 185246410
Fix: 184735863
Test: make update-api
Test: atest FrameworksNetTests
Test: atest CtsNetTestCasesLatestSdk
Change-Id: I5e8c4bed8bda40d507afa894c359b5e24ee5d868
Merged-In: I5e8c4bed8bda40d507afa894c359b5e24ee5d868
