The current logging relies on the system log that may rotate. This is a
problem to investigate bugs where the network stack service is not
started. Add a SharedLog to NetworkStackClient and dump it in
ConnectivityService (for lack of a better place to dump it).
Bug: 124307802
Test: Booted, dumpsys connectivity shows the log
Change-Id: If596451d0613645f68a8a32acb032eea76ea506c
Netd need the list of apps that have permission INTERNET or permission
UPDATE_DEVICE_STATS at run time to make decisions about application
request. To avoid protential deadlock and reduce the traffic between
netd and system server, Use packageManagerServcie to send the list of
apps that have those permissions to netd when device boot and when new
apps get installed.
Bug: 111560570
Bug: 111560739
Test: install and uninstall packages and dumpsys netd trafficcontroller
Change-Id: Idb9905f424557a5c59e35d41f5eafe345aca87e0
NetworkStack is only used in services.net or clients of services.net. It
cannot stay in framework.jar because it needs to depend on AIDL
interfaces, which would conflict with app implementations if they were
in framework.jar.
Test: atest FrameworksNetTests NetworkStackTests
Bug: 124033493
Change-Id: Ib1d08a3669983640119d008db7e2990fa798724f
Merged-In: I501b125a388c1100c2182bde4670944c2f0d7a02
ICaptivePortal is used in the framework and cannot be used as a
dependency in NetworkMonitor, as the framework class takes precedence
when linking.
Also fix NetworkMonitorTest that was not verifying the right
startCaptivePortalApp call.
Test: atest FrameworksNetTests NetworkStackTests
Bug: 124033493
Change-Id: I8e7bb79e50650ae182a2e4277fb49abf5fb6d910
Merged-In: Ib6a89e54312628662b130fbeec18d11e139f09fa
Previously, they were only updated when underlying network set was
non-null.
This change also ensures that all the calls b/w ConnectivityService and
Vpn that leads to updating capabilities are on ConnectivityService
handler thread.
Additionally, it also ensures that capabilities are propagated after VPN
enters connected state. This was previously done from establish which
could potentially lead to race between VPN getting connected and
capabilities getting updated.
This change also updates VPN capabilities inline from
ConnectivityService handler thread. Previously, there was an additional
loop where Vpn would update capabilities via NetworkAgent thru
AsyncChannel which posts back to CS handler thread, which could
potentially lead to delays in updating VPN capabilities.
Bug: 119129310
Bug: 118856062
Bug: 124268198
Test: atest FrameworksNetTests
Test: manual - verified VPNs capabilities are getting updated and
DownloadManager is working correctly.
Change-Id: Id0abc4d304bb096e92479a118168690ccce634ed
In aosp/861571, it tried to refine the design to prevent the
lingering notification is cleared unexpectedly. However, all
notifications should be cleared when network is disconnected.
Refine the design by clearing all lingering notifications when
network is disconnected.
Bug: 123488640
Bug: 123537643
Test: 1.Build pass
2.atest FrameworksNetTests
3.Connect to a hotspot which doesn't have internet,
after getting "NO_INTERNET" notification, disconnect
the wifi and check if "NO_INTERNET" notification will
be cleared or not.
Change-Id: Iac45ec186cf81915c318dba37f43136609d579f6
Have the network stack pass its package name in
showProvisioningNotification instead.
Bug: 124033493
Test: flashed, WiFi and captive portal works
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: I1f3312768ba1fb34e99a827e1fcdaf7510e318a8
The new set of API allows applications to request keepalives
offload for established TCP sockets over wifi.
However, the application must not write to or read from the
socket after calling this method, until specific callbacks are
called.
Bug: 114151147
Test: atest FrameworksNetTests FrameworksWifiTests NetworkStackTests
Change-Id: I3880505dbc35fefa34ef6c79555458ecf5d296a4
Treat NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK as equivalent to
NETWORK_STACK, CONNECTIVITY_INTERNAL and NETWORK_SETTINGS combined.
NetworkStack.PERMISSION_MAINLINE_NETWORK_STACK is defined as signature
permission in NetworkStackPermissionStub, which is signed with the
platform certificate, so requirements are the same for both permissions.
The permission is defined by NetworkStackPermissionStub and only used by
NetworkStack, which must be signed with the same key as the stub.
Test: flashed, booted, WiFi works, also with changes on top removing
CONNECTIVITY_INTERNAL and NETWORK_SETTINGS
Bug: 112869080
Change-Id: I9d0ea8fc99eadf7e902421efdba9b8bf535658b8
Endpoints protected with INTERACT_ACROSS_USERS_FULL, such as
startActivityAsUser, should only be used by modules signed with the
platform cert. The NetworkStack needs to have the system server start
the application so this restriction can be applied.
Bug: 123846255
Test: flashed, captive portal works from primary and secondary user
Change-Id: Ib3e427b3fd03ced80c02985e795f79b096a2ec9a
When offload is starting, socket will be switched to repair
mode. Read and write on the socket will not be allowed until
repair mode is turned off. If remote packet arrives, repair
mode will be turned off automatically and a callback will
be raised to indicate that socket is ready to read from.
Bug: 114151147
Test: -atest FrameworksNetTests
-manual
Change-Id: I0c335865912e183e7ad32a8ea12188f02ccde5fd
In previous change, the new SocketKeepalive API was exported.
But internally, old PacketKeepalive names and structures are
still used.
This change rename them properly for code consistency and also
refactor KeepalivePacketData to support different types of
KeepalivePacketData.
Bug: 114151147
Test: 1. atest FrameworksNetTests
2. atest FrameworksWifiTests
3. atest FrameworksTelephonyTests
Change-Id: Ia9917d12987e91e87e34ffb3f126e7bc7c9c187e
Merged-In: Ia9917d12987e91e87e34ffb3f126e7bc7c9c187e
The callback would be used to notify entitlement value. If the
cache value indicates entitlement succeeded, it just fire
callback with cache value instead of run entitlement check.
Bug: 120887283
Test: atest FrameworksNetTests
Change-Id: I8afe928423bd75c54c61533a50a5c0814922ceb1
The metrics go through NetworkMonitor in the NetworkStack so that they
can be upgraded to new metrics in the future.
Test: flashed, captive portal login works, metrics shown in events log
Bug: 112869080
Merged-In: I4bccfbd87bae5b2d65e45c7a5918aa45ab5d76e8
Change-Id: Ib5e2126788f8d56a00a56d7efcd33c5f9a37a6de
Includes various small changes to stop using hidden APIs
Test: make NetworkStack
Test: flashed, booted, WiFi and tethering working
Bug: 112869080
Change-Id: Id2830795a444f484b377ed6437435a1cd833697a
Captive portal app will be auto dismissed after user login the
captive portal network. In order to improve the user experience,
popup a notification to notify user that the captive portal
network is connected.
Bug: 113629026
Test: 1.atest FrameworksNetTests:NetworkNotificationManagerTest
2.Connect to a captive portal network and login, check if
there is a notification popup.
Change-Id: Id54d12268e107af2f213c2bb348c5f7908e880f4
Adds system api of createSocketKeepalive to take file descriptor,
so privileged apps could use it without the need of IpSecService.
Bug: 114151147
Test: atest FrameworksNetTests
Change-Id: If926c21704b6ed73a0adfcadad732b97b42bacae
This avoids the need to expose ConnectivityService implementation
details as @SystemApi and the complexities that would be required
to make NetworkCapabilities parcelable in stable AIDL.
Bug: 112869080
Test: atest FrameworksNetTests NetworkStackTests
Change-Id: Icd5d25b9b8e9b7a7d1899b000c92dc4976c3b3d7
This helps remove the dependency on MultinetworkPolicyTracker from
IpClient.
Test: atest FrameworksNetTests NetworkStackTests
Bug: 112869080
Change-Id: If56791dbed564772f25a859f301b8b52d84e38a3
If KeepaliveInfo was created but cannot be started, current
design will only notify apps but not remove it from local
hashmap, which will cause unexpected behavior if someone
tries to iterate records and fire callbacks.
Bug: 122636283
Test: atest FrameworksNetTests
Change-Id: If4cb25a881dd3555f569c729f88741675f7f3bdf
Network specifiers are used for 2 purposes:
- As part of network requests to specify more information on the type
of requested networks.
- On network agents to specify information about their networks.
The network specifiers of the requests and agents are matched to each
other. However, the agent network specifier may contain sensitive
information which we do not want forwarded to any app.
This CL adds an option to strip out this agent network specifier before
the network capabilities are forwarded to the app.
Bug: 122160111
Test: atest ConnectivityServiceTest (frameworks/base/tests/net)
Test: atest frameworks/base/tests/net
Test: atest frameworks/opt/net/wifi/tests/wifitests
Test: atest frameworks/opt/telephony/tests/telephonytests
Test: atest frameworks/opt/net/ethernet/tests
Test: atest android.net.cts - some flakiness!
Test: act.py ThroughputTest
Test: act.py DataPathTest
Test: atest SingleDeviceTest (cts)
Change-Id: If08d312ff814bdde1147518f923199e6349503d5
Make Nat464Xlat talk to netd directly instead of through
NetworkManagementService. The methods in NetworkmanagementService
don't really provide any value: since the only thing they do is
call into netd, we might as well have the callers talk to netd
directly,
In order to do this, pass INetworkManagementService and INetd to
the NetworkAgentInfo constructor, and update callers appropriately.
Bug: 65674744
Test: builds, boots
Test: atest FrameworksNetTests
Change-Id: Iac4cfe709c6279e4d9682b6754963e533707bd12
