This change adds permission checking to ensure that the following
conditions are enforced in order for apps to receive the owner UID:
1. The app must be the owner of the network
2. The app must hold the FINE_LOCATION permission/appop
3. The user must have their location toggle enabled.
Bug: 142072839
Test: atest FrameworksNetTests
Change-Id: I7a981a82f1219828ee89c8c96eb9d2efd153377f
Add the requestorUid & requestorPackageName fields to
NetworkCapabilities. This is populated by CS when
a new network request is received.
These 2 requestor fields are also optionally used for network
matching. All of the regular app initiated requests will have the
requestor uid and package name set by connectivity service. Network
agents can optionally set the requestorUid and requestorPackageName
to restrict the network created only to the app that requested the network.
This will help removing the necessity for the various specifiers to embed
the uid & package name info in the specifier for network matching.
Note: NetworkSpecifier.assertValidFromUid() is deprecated & removed in
favor of setting the uid/package name on the agent to restrict the
network to a certain app (useful for wifi peer to peer API & wifi aware).
Bug: 144102365
Test: Verified that wifi network request related CTS verifier tests
pass.
Test: Device boots up and connects to wifi networks
Merged-In: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
Change-Id: I58775e82aa7725aac5aa27ca9d2b5ee8f0be4242
The non-updatable part of the platform now is built with
framework-tethering-stub, which is a stub library of
framework-tethering.
Bug: 147200698
Test: m
Change-Id: I97ef83f7f9b4c1376f373713036f5256318f1050
Merged-In: I97ef83f7f9b4c1376f373713036f5256318f1050
This commit allows the startLegacyVpn() call to start Platform VPN
profiles, allowing Settings to use the IKEv2/IPsec VPN options
When using an aliased private key, the
Ikev2VpnProfile.KEYSTORE_ALIAS_PREFIX must be prepended to the front of
the alias. This will in turn result in the fromVpnProfile() function to
pull the key from the KeyStore, as opposed to the inline-key that the
VpnManager API uses.
Bug: 148991741
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested
Change-Id: Icbca695c353b2e12e99305676404dbf1a4495949
This commit allows Platform VPNs to be started as part of always-on
mode.
Test: FrameworksNetTests passing, new tests added in subsequent CL
Test: Manually tested.
Change-Id: I5eda88e5b406a0e425eb7424665cf702e0979324
Merged-In: I5eda88e5b406a0e425eb7424665cf702e0979324
Add the service manager argument that is added for the notification
manager.
Test: atest FrameworksNetIntegrationTests
Bug: 139269711
Change-Id: Ie657687000a068b3892d04440b20b3408e875a00
When new CaptivePortalData is received from NetworkMonitor, send a
LinkProperties updated callback.
The updated LinkProperties only contain CaptivePortalData if the
receiver has NETWORK_SETTINGS or MAINLINE_NETWORK_STACK permissions, as
defined in the current callback code.
Test: atest FrameworksNetTests
Bug: 139269711
Change-Id: I68595a519171b31792259849efff5f58c43cacd4
Revert "Use createRandomUnicastAddress from MacAddressUtils"
Revert "Add net-utils-framework-net to telephony-common"
Revert submission 1191997-net-utils-framework-net
Reason for revert: Droidcop-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_qt-qpr1-dev-plus-aosp&target=aosp_taimen-userdebug&lkgb=6208131&lkbb=6208273&fkbb=6208273, bug b/149551544
Reverted Changes:
Ib1c807d64:Use createRandomUnicastAddress from MacAddressUtil...
I9e0f297e0:Add net-utils-framework-net to telephony-common
Ieb8927f9a:Remove framework code that has moved to frameworks...
Change-Id: I2824f781babd9f7e0bb9df524dadf6b8397dcaa1
State override is only handled when state is changed from
CONNECTED to SUSPENDED but not reverse path. Handle both ways
for SUSPENDED state.
Bug: 148678431
Test: FrameworkNetTests
Change-Id: I9333f865d61bbf008fdb8ca162ad17dfdffd1d67
This CL adds checks to ensure restricted users cannot change or
start/stop platform VPNs. In addition, this also adds checks to the
ConnectivityManager#getConnectionOwnerUid() to ensure that only
VpnService based VPNs can identify connections
Bug: 148040659
Test: FrameworksNetTests run
Change-Id: Id47ada5766036bfc84f3ba47f66f2d2683af916d
am skip reason: Change-Id I207c446108afdac7ee2c25e6bbcbc37c4e3f6529 with SHA-1 d499517306 is in history
Change-Id: Ib90134e63ac00f6b377d27d1d8f2a125a247d724
Add the requestorUid & requestorPackageName fields to
NetworkCapabilities. This is populated by CS when
a new network request is received.
These 2 requestor fields are also optionally used for network
matching. All of the regular app initiated requests will have the
requestor uid and package name set by connectivity service. Network
agents can optionally set the requestorUid and requestorPackageName
to restrict the network created only to the app that requested the network.
This will help removing the necessity for the various specifiers to embed
the uid & package name info in the specifier for network matching.
Note: NetworkSpecifier.assertValidFromUid() is deprecated & removed in
favor of setting the uid/package name on the agent to restrict the
network to a certain app (useful for wifi peer to peer API & wifi aware).
Bug: 144102365
Test: Verified that wifi network request related CTS verifier tests
pass.
Test: Device boots up and connects to wifi networks
Merged-In: I207c446108afdac7ee2c25e6bbcbc37c4e3f6529
Change-Id: I58775e82aa7725aac5aa27ca9d2b5ee8f0be4242
* changes:
[NS B10] Cleanup : remove mRematchedNetworks
[NS B09] Create NetworkRanker
[NS B08] More simplification
[NS B07] More simplification
[NS B06] Simplification
[NS B05] Remove old dead code
[NS B04] Make the network selection request-major.
[NS B03] Add debug log showing the reassignment
[NS B02] Split out a function to apply a NetworkReassignment
[NS B01] Move the computation loop to a separate function
[NS A44 2/2] Apply requests after all networks rematching is computed
[NS A44 1/2] Update linger state before processing listens
This is better computed by the code that applies the change
than by the code that computes the reassignment
Test: FrameworksNetTests
Change-Id: I13e2764fd9b29145499085c3bb56de88a97d6c3c
