VPN is considered fully routed if both IPv4 and IPv6 have
either a default route or a prohibit route.
Bug: 145332510
Test: atest FrameworksNetTests
Change-Id: I59cf48552bca98092d1212e3d718fd420add5458
The NetworkStack.getService() API should be used instead.
Bug: 151243982
Test: atest FrameworksNetTests TetheringTests
Manual tethering test
Merged-In: I7855090bffbe895c8349ad4903b8f2eb55515f0b
(clean cherry-pick from internal branch)
Change-Id: If4af2846a82605e828287a9a4680d5547b76b802
Note that enabling/disabling would not take effect until device
reboot. This will be addressed in follow-up patch.
Test: 1. atest NetworkStatsServieTest SettingsBackupTest
2. adb shell settings put global netstats_combine_subtype_enabled 1|0
Bug: 146415925
Change-Id: Ic94da540afa479ed18f1b6fbda4ae3216c37476b
Merged-In: Ic94da540afa479ed18f1b6fbda4ae3216c37476b
(cherry picked from commit c4f77ac90bf2e48a655ad19b162fe74a23bf3fb0 and
fix merge conflict in SettingsBackupTest)
Switch on the recording in device side. Metrics will be
collected in follow-up patches which can be independently
enabled/disabled.
This change also fix the fail in NetworkStatsCollectionTest
which caused by enabling this feature, where the rounding
problem happened when records are distributed into smaller
buckets and categorized into more NetworkIdentity.
Test: atest FrameworksNetTests
Bug: 129082217
Change-Id: If330e85330a4ff713dd420c98d42fa741eabd90a
Merged-In: If330e85330a4ff713dd420c98d42fa741eabd90a
(cherry picked from commit 2d4fa2c0fae8c2d79a25093d9f732a33c2f91dd4)
NetworkCapabilities#mAdministratorUids is used to track the UIDs that
are administrators of the given Network. This value was previously
stored as List<Integer>. However, general Android API Council guidelines
recommend using Arrays for primitive values. In order to be consistent
with the guidelines, updating the field to use an Array.
Bug: 147903575
Test: atest FrameworksNetTests
Change-Id: I2652a5b0f276b8944454af5cb4b1383a3e054cfa
Merged-In: I2652a5b0f276b8944454af5cb4b1383a3e054cfa
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record conditionally,
name them addEntry.
addValues -> addEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Fix: 148895143
Change-Id: I9495a198cf247e6c79100f7ac1edcea370b071de
Merged-In: I9495a198cf247e6c79100f7ac1edcea370b071de
(cherry picked from ag/10700816)
API Council feedback suggests renaming ConnectivityDiagnosticsCallback
'onConnectivityReport' function to be 'onConnectivityReportAvailable'.
Bug: 150598997
Test: atest FrameworksNetTests
Change-Id: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
Merged-In: Ieea727ecee6cf358a53a215fd4b06233dfe967ea
ConnectivityDiagnosticsCallbacks should only be invoked for the
underlying networks declared by active VPNs. This encourages VPN apps to
declare their underlying networks.
The previous permission model for VPNs allowed active VPNs to receive
callbacks on any network.
Bug: 148903617
Test: atest FrameworksNetTests
Change-Id: Ic08cdd2e2532580fda0fd3034e2bdff27e0ff84b
NetworkFactory is turning into a one-time object that cannot be
re-used. Check for this in ConnectivityService.
Bug: 148635501
Test: test continues to pass
Change-Id: I793436ee0f4b5d778788ad34b8a2575d2ad0ed80
Merged-In: I793436ee0f4b5d778788ad34b8a2575d2ad0ed80
Currently, in NetworkStats, there are many methods to manipulate
the records. However, some methods are similar and ambiguous,
such as addEntry, addValues, setValues, addIfaceValues,
combineValues and combineAllValues.
Thus, properly grouping and renaming methods are necessary.
In this change, for methods that add one record unconditionally,
name them insertEntry.
setIfaceValues -> insertEntry
addEntry -> insertEntry
Test: atest FrameworksNetTests ImsPhoneCallTrackerTest TetheringTests
Test: m doc-comment-check-docs
Bug: 148895143
Change-Id: I801ddc49e283a254b9586700c9b597c0adb0d459
CTS tests don't have access to TestNetworkAgent and therefore
require overloading this method, which means 'null' is ambiguous.
Bug: 139268426
Test: FrameworksNetTests
Change-Id: I9279718bde30bd98eff901921fb3411d22da72e5
CONNECTIVITY_ACTION_SUPL is marked as a "temporary hack" and has
never been public. Remove this intent definition since no one is
receiving this intent and should use network callback to know the
connection change.
Bug: 109636544
Test: atest FrameworksNetTests
Change-Id: Ie9e5127742beba04f1c191e894e8a29fe1e704bb
Connectivity Diagnostics included an unnecessary try-catch for verifying
that the permissions check for invoking ConnectivityDiagnosticsCallbacks
doesn't throw when the uid and package name do not match.
Bug: 149119324
Test: atest FrameworksNetTests
Change-Id: Ie302b1f4f437e819fdd15ec28adb0b56750c2c53
This change makes IPsec tunnel interfaces automatically get brought up
once they are created. Originally this was considered to be an
additional safety check, as they would not be start routing traffic
until explicitly brought up. However, in the intervening time, the
NetworkManagementController now requires the NETWORK_STACK permission to
set an interface as up. Additionally, that call is a hidden API, and
thus not usable for use cases such as IWLAN.
Bug: 149348618
Test: FrameworksNetTests, CtsNetTestCases passing.
Change-Id: I55b63a748463a388e1e2991d2d5d6b3023545e60
- Change route to update existing route
- MTU parameter added to AddRoute
Bug: 142892223
Test: unit test
Change-Id: Ie339d0cee5be12c2232a4631fed61219a0facc64
ConnectivityService currently calls
LocationPermissionChecker#checkLocationPermission. This method call
throws a SecurityException if the given package name and UID do not
match. This permission check is made from the ConnectivityService
Thread, so any Exception being thrown will crash the SystemServer. This
is not acceptable, so surround the permission check in a try-catch in
case any SecurityExceptions are thrown.
Bug: 149119324
Test: atest ConnectivityServiceTest
Change-Id: Ibe2874f2a5249432270aa1b9eb7d004bbba35ac2
This class is useless at this point and introduces overhead.
Bug: 113554781
Test: FrameworksNetTests
Change-Id: Ib6da6c1c7f2a0b97c847d2e64e5ce16dd821e1e7
Remove the old connected notification since there is a new file
- NetworkStackNotifier.java which will send the connected
notification when captive portal validated.
Bug: 149883761
Test: 1. atest FrameworksNetTests
2. Sign-in a captive portal and see if there is a redundant
connected notification.
Change-Id: I4ec9d26623af4bfc65156a28a96b982466aede31
Merged-In: Id11a9b99dd04772a92af8d527104906c47bf64cd
ConnectivityDiagnostics shares NetworkCapabilities in
ConnectivityReports and DataStallReports. These NetworkCapabilities need
to have their UIDs scrubbed before they are shared with callbacks.
Bug: 148942124
Test: atest FrameworksNetTests
Change-Id: I5bde5a8116f7e36b8f4de49adf4cab8ec45a5aa4
Currently, internal handler is set by setHandler after
constructing NSS object. This was introduced in ag/866187 to
access the handler in the unit test.
However, the design put NSS in a bad situation where all classes
that need handler or executor could not be final and need to be
dynamically allocated in order to get a valid handler.
Thus, since the usage of handler is removed in previous patch,
this change eliminate setHandler by initializing the handler in
the constructor.
Test: atest FrameworksNetTests
Bug: 150664039
Change-Id: I794a24d00b0ca9fdc78091e7b9ab7307e0f034b7
Check all routes that are added and removed instead of just some
of them. This is in preparation of an upcoming change that
switches to adding and creating routes by issuing direct calls to
netd.
Also rename the misleading ipv4Default route variable to
ipv4Subnet, which is what it actually is.
Bug: 142892223
Test: test-only change
Change-Id: I7d111382be215a926a7d7d4701bd3c3e94372b99
Currently, to wait for handler becomes idle, specific message
is used and the test would wait for condition variable to be
open when the message is processed.
However, this is already done in the HandlerUtils. Thus,
there is no need to post such message manually in the handler.
Test: atest FrameworksNetTests
Bug: 150664039
Change-Id: Iab32b2dbab01634ca159dcb90fc9f929d1fed1a2
Validate route addition and deletion after linkProperties are
changed.
Test: atest ConnectivityServiceTest#testStackedLinkProperties
Change-Id: I18296b933e856a0f8a4c1dbd75bd35024853bfbb
Calling IPC in a constructor is unusual and confusing, and can be
considered bad form. There are multiple reasons for this :
• Users can't obtain an instance of the class without calling the
constructor, but they can't always afford an IPC where they need
this, forcing them to know about the implementation detail and
sometimes design around it.
• On a related but generalized note, constructors should usually
be fast for the same range of reasons.
• Having a separate method to register the agent simply gives more
flexibility to the app.
• It's also a lot easier to test.
But also we can't fix it without an update to the API, so here it is.
Another reason for doing this is consistency with the NetworkProvider
API.
Bug: 138306002
Bug: 139268426
Test: atest FrameworksNetTests FrameworksWifiTests FrameworksTelephonyTests
Change-Id: I1ee5c7b1353d581e487c8a8a159009bebd781643
Merged-In: I1ee5c7b1353d581e487c8a8a159009bebd781643
(clean cherry-pick from internal branch)
This change adds permission checking to ensure that the following
conditions are enforced in order for apps to receive the owner UID:
1. The app must be the owner of the network
2. The app must hold the FINE_LOCATION permission/appop
3. The user must have their location toggle enabled.
Bug: 142072839
Test: atest FrameworksNetTests
Change-Id: I7a981a82f1219828ee89c8c96eb9d2efd153377f
This commit allows the startLegacyVpn() call to start Platform VPN
profiles, allowing Settings to use the IKEv2/IPsec VPN options
When using an aliased private key, the
Ikev2VpnProfile.KEYSTORE_ALIAS_PREFIX must be prepended to the front of
the alias. This will in turn result in the fromVpnProfile() function to
pull the key from the KeyStore, as opposed to the inline-key that the
VpnManager API uses.
Bug: 148991741
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested
Change-Id: Icbca695c353b2e12e99305676404dbf1a4495949
This commit allows Platform VPNs to be started as part of always-on
mode.
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested.
Change-Id: I5eda88e5b406a0e425eb7424665cf702e0979324
Merged-In: I5eda88e5b406a0e425eb7424665cf702e0979324
