The NetworkStatsService.getUidStats() currently doesn't have any
permission check to make sure unpriviledged apps cannot read the stats
of a different uid. It will protentially have security problem since
apps with ACCESS_NETWORK_STATS permission can directly calling into
NetworkStatsService and bypass the check in TrafficStats. Move the uid
check from TrafficStats to NetworkStatsService to fix the problem.
Bug: 129151407
Test: atest AppSecurityTests#testAppFailAccessPrivateData_full
Test: atest AppSecurityTests#testAppFailAccessPrivateData_instant
Test: atest android.app.usage.cts.NetworkUsageStatsTest
Test: atest NetworkStatsBinderTest
Change-Id: Iae85676cfe5f114da69ec278afc2c904bc907234
This method is used in TrafficStats to obtain the snapshot for the
calling UID, so narrow it to only return data for that specific case.
We might be tempted to throw an exception or adjust the method
signature, but apps are using the raw AIDL in the greylist, so we
return them an empty NetworkStats if they ask about other UIDs.
Bug: 119672472
Test: manual
Change-Id: I3064630039f1d8473d6425dd663f17813a4ae3a1
am skip reason: Change-Id I0055f6b55c209a073ce997fc7a144477f9db7069 with SHA-1 5d0d638f54 is in history
Change-Id: I7ebe73a3ffffaae14a1f557a9f15136e460b2969
In current design, Rat type change in NSS is only for default
subscription. This is only correct for single sim project.
However, it does not correct for multi-sim scenarios such as
CBRS or DSDS, given that all data usage will be attributed
to the Rat type of default sub.
Thus, add a helper class to monitor subscription change event,
and register/unregister dynamically for Rat type change for
every subscription.
Note that unit test of the helper class will be addressed
in follow-up patch.
Test: m -j
Bug: 146415925
Change-Id: I0055f6b55c209a073ce997fc7a144477f9db7069
Merged-In: I0055f6b55c209a073ce997fc7a144477f9db7069
(cherry picked from ag/10977156 and fixed conflict)
In current design, Rat type change in NSS is only for default
subscription. This is only correct for single sim project.
However, it does not correct for multi-sim scenarios such as
CBRS or DSDS, given that all data usage will be attributed
to the Rat type of default sub.
Thus, add a helper class to monitor subscription change event,
and register/unregister dynamically for Rat type change for
every subscription.
Note that unit test of the helper class will be addressed
in follow-up patch.
Test: m -j
Bug: 146415925
Change-Id: I0055f6b55c209a073ce997fc7a144477f9db7069
Merged-In: I0055f6b55c209a073ce997fc7a144477f9db7069
(cherry picked from commit 306de26c138ec135846f2a74a952464cf00dce54)
am skip reason: Change-Id I690704b43cfd16de70c4c83916f6d750cf613f67 with SHA-1 863f390810 is in history
Change-Id: I1a97a8cb46302c29425781b9252640c1eec4b50b
In current design, entries with zeros are preserved after
addition/subtraction. These entries are not very useful
and lead to difficulty of verifying the result of
addition/subtraction.
However, change the behavior in the original NetworkStats
is considered risky in current stage.
Thus, this change provide a function that could remove these
empty entries in tests.
Test: atest FrameworksNetTests
Bug: 152827872
Bug: 150644692
Change-Id: I40a76935d55712b8083ee1e17e137a8a4ef5e029
Merged-In: I40a76935d55712b8083ee1e17e137a8a4ef5e029
(cherry picked from commit 6c7bef3064dbe949b7b213036b8e70c125ddd343)
In current design, entries with zeros are preserved after
addition/subtraction. These entries are not very useful
and lead to difficulty of verifying the result of
addition/subtraction.
However, change the behavior in the original NetworkStats
is considered risky in current stage.
Thus, this change provide a function that could remove these
empty entries in tests.
Test: atest FrameworksNetTests
Bug: 152827872
Bug: 150644692
Change-Id: I40a76935d55712b8083ee1e17e137a8a4ef5e029
am skip reason: Change-Id I55b63a748463a388e1e2991d2d5d6b3023545e60 with SHA-1 529e8aae25 is in history
Change-Id: I10aae07c044231d9b6fcdd61488a146b21d8dd8f
am skip reason: Change-Id Id53d14e5698e5fcc410868424176b00350c7ae79 with SHA-1 7bcf9c28ac is in history
Change-Id: Icb265e846177c8ee1013529034534f46dec4de47
am skip reason: Change-Id Idb1b6ba41af3b52f3376b1157259af3c30328c4e with SHA-1 c120601182 is in history
Change-Id: Ib70273007ee56039d0645f33f59c677ea5f7b1aa
This change makes IPsec tunnel interfaces automatically get brought up
once they are created. Originally this was considered to be an
additional safety check, as they would not be start routing traffic
until explicitly brought up. However, in the intervening time, the
NetworkManagementController now requires the NETWORK_STACK permission to
set an interface as up. Additionally, that call is a hidden API, and
thus not usable for use cases such as IWLAN.
Bug: 149348618
Test: FrameworksNetTests, CtsNetTestCases passing.
Change-Id: I55b63a748463a388e1e2991d2d5d6b3023545e60
Merged-In: I55b63a748463a388e1e2991d2d5d6b3023545e60
(cherry picked from commit 7c5704d177a903034ae1b6ae4800cc3b8457977a)
IPsec resource counts were selected to be conservative, due to unknowns
about device capabilities. Since then, it appears that we no longer need
such stringent quotas, and this can be relaxed.
Bug: 152368091
Test: FrameworksNetTest passing
Change-Id: Id53d14e5698e5fcc410868424176b00350c7ae79
Merged-In: Id53d14e5698e5fcc410868424176b00350c7ae79
(cherry picked from commit 224699fc0b485dd75e6157a88f66a53d64e5a6fd)
