This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
PermissionMonitor register APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting observer to listen setting changed callback. Then update
or revoke permission for those apps.
Bug: 185149952
Test: atest FrameworksNetTests
Change-Id: I4b6a21bd3f47b7bcaac36fcabf1202a5a84a4520
Let PermissionMonitor read APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting and grant netd system permission to uids whose package
name is listed in setting.
Bug: 185149952
Test: atest FrameworksNetTests
Change-Id: I856b545c0339a262abbe9d432cfda125bc82dc12
Previous the API ignores subscriberId when network type is WIFI.
Allow caller to call querySummaryXXXX with TYPE: WIFI
+ subscriberId: IMSI to get carrier merged wifi usage which matches the wifi
network with the given IMSI.
Bug: 176396812
Test: atest -c NetworkStatsServiceTest
Change-Id: Ia033521a24e2bb56182d74a41bb2b39710571782
Address API review feedback, other APIs have been refering to
these as "interface" instead of "iface" so migrate the APIs named
*Iface* to *Interface*.
(cherry-picked from ag/14326779)
Bug: 183972554
Test: atest android.net.UnderlyingNetworkInfoTest
Merged-In: I38b476e762fb57fa88c4a789092d0af6f5330d80
Change-Id: I38b476e762fb57fa88c4a789092d0af6f5330d80
This CL modifies NetworkTemplate#buildTemplateCarrier to force on
metered carrier network and rename to buildTemplateCarrierMetered.
This method was introduced recently and has no callers.
This method will be used in Settings and NetworkPolicyManagerService
to display and manage data usage on carrier metered networks.
Settings/NetworkPolicyManagerService will use it instead of the existing
method buildTemplateMobileAll method, which only matches metered networks.
That code will change from matching metered mobile networks to matching
metered carrier networks.
Note: The carrier metered network includes metered mobile network and
metered "merged carrier wifi network" that is a specific cerrier wifi network
which provides the same user experience as mobile.
Bug: 176396812
Test: atest -c NetworkTemplateTest
Change-Id: I7196d62bb60844458a6c4b1d94e2baccb71e15cd
This CL adds APIs for telephony to perform filter matching based on
remote address if the socket is connected. Additional checks will be
performed on the state of socket to avoid the future callbacks in a
separate CL.
Bug: 181916576
Test: Manually verified in live T-Mobile network
atest ConnectivityServiceTest
atest com.android.internal.telephony.dataconnection.QosCallbackTrackerTest
Change-Id: I6fbd4e84c76bc4acbf4e59f06f8e86e0237bae29
The resources are only read by NetworkStack through their respective
ApfCapabilities SystemApi methods.
As the resources are being migrated out of frameworks/base resources
anyway, move them directly to NetworkStack instead of moving them to
ServiceConnectivityResources.
Also test that the framework resources are not overlaid or modified.
This should avoid OEM integration errors where the overlays are kept as
in R, without overlaying the resource in the NetworkStack package.
Bug: 185850634
Test: atest CtsNetTestCases
BYPASS_INCLUSIVE_LANGUAGE_REASON=Need to mention legacy APIs
Change-Id: I7a15ddcad5af11fa307d9dbe3a77b31a1179e5b3
As a part of internal core libraries cleanup move usages of
IoUtils#deleteContents from CorePlatformApi set to framework.
Bug: 154796679
Test: m update-api
Change-Id: If7037029026b6753ab64be09aa52c40e04d5c7b1
Currently, NetworkCapabilities always redacts the TransportInfo
objects it contains whenever a defensive copy is made. This makes
it impossible to make a defensive copy on a TransportInfo
parcelled from another process without redacting it.
Stop redacting by default; instead rely on ConnectivityService
explicitly calling NetworkCapabilities' redacting constructor
when it returns a NetworkCapabilities object to an app via a
callback or synchronous call. This is currently done by
- createWithLocationInfoSanitizedIfNecessaryWhenParceled, which
is called from callCallbackForRequest, getNetworkCapabilities,
and getDefaultNetworkCapabilitiesForUser.
- getNetworkCapabilitiesWithoutUids, which is used when sending
ConnectivityDiagnosticsManager callbacks. In this method,
unconditionally redact all information, which is what the code
did previously due to the default redaction setting for empty
NetworkCapabilities objects being REDACT_ALL.
Bug: 183938194
Test: atest NetworkCapabilitiesTest
Test: atest FrameworksNetTests CtsNetTestCases HostsideVpnTests
Change-Id: I3108ee94cb0930958e071ba678c3554525b0db82
Move the tests together with packages/Connectivity code, so both can be
moved to packages/modules/Connectivity together.
Also reorganize unit tests in a unit/ directory, as other tests
(integration/, common/ etc.) have been added in tests/net since they
were created. This makes the directory structure consistent.
Test: atest FrameworksNetTests
Bug: 187814163
Merged-In: I254ffd1c08ec058d594b4ea55cbae5505f8497cc
Change-Id: I254ffd1c08ec058d594b4ea55cbae5505f8497cc
VPN types are defined in both VpnManager.java and NativeVpnType.aidl.
The definitions on both sides should match (except TYPE_VPN_NONE).
VpnManager.java:
TYPE_VPN_NONE = -1
TYPE_VPN_SERVICE = 1
TYPE_VPN_PLATFORM = 2
TYPE_VPN_LEGACY = 3
TYPE_VPN_OEM = 4
NativeVpnType.aidl:
SERVICE = 1
PLATFORM = 2
LEGACY = 3
OEM = 4
Bug: N/A
Test: atest android.net.VpnManagerTest#testVpnTypesEqual
Change-Id: Ie618e227d861100c5318da696140e486af1093a0
Addresses API council feedback.
Bug: 184890428
Test: atest FrameworksNetTests CtsNetTestCases
Test: atest CtsNetTestCasesLatestSdk:NetworkCapabilitiesTest on R device
Change-Id: Id7c68fbf56ee08fcad8e8e3aacf037fa1885936b
networkCreatePhysical and networkCreateVpn are non-extensible. In order
to pass OEM requested VPN type to Netd, we need to migrate to
networkCreate API.
Modify test code accordingly since networkCreatePhysical and
networkCreateVpn have been deprecated on Netd.
Bug: 171872481
Test: atest FrameworksNetTests
atest atest HostsideVpnTests
Change-Id: I50ab8615346c49559c16e815482e7804a1e765c8
sendNetworkConditionsBroadcast is removed, so
TestNetworkStackService.kt cannot override it anymore,
otherwise there will be a build break when running this
test.
Also add a comment for NETWORK_CONDITIONS_MEASURED in
AndroidManifest.xml.
Bug: 124415874
Test: atest FrameworksNetIntegrationTests
Change-Id: I7b43940dc32826c70fa82f471b35bc5cb8394aad
Merged-In: I7b43940dc32826c70fa82f471b35bc5cb8394aad
This change adds support for IPsec forward policies, which are necessary
for packets to be allowed to be forwarded to another interface, as is
the case with tethering. This is necessary and useful only within the
system server, and as such is not exposed as a public API.
This change is safe, since the addition of a FWD policy on IPsec tunnel
interfaces will by default block forwarded traffic (as would be the case
without this patch). In the event that the (system) owner of the tunnel
requires support for forwarded packets (eg tethering), this patch allows
application of transforms in the FWD direction as well.
This will be used to ensure that the VCN can be used as the underlying
network for the purposes of tethering.
Bug: 185495453
Test: atest IpSecServiceTest
Test: atest IpSecServiceParameterizedTest
Test: manual testing with tethering over VCN
Change-Id: I74ecea71f1954029f6fbdbe34598c82e0aac386b
Update PrivateDnsMode from StringDef to IntDef because IntDef is
the normal way of representing multiple choices in public API.
Also update other related files.
Bug: 185311744
Test: 1. make update-api
2. atest FrameworksNetTests CtsNetTestCases CtsNetTestCasesLatestSdk
3. atest FrameworksServicesTests:DevicePolicyManagerTest
Change-Id: I23e7ec140066979726d769cabc5f7057bb2167e6
Merged-In: I23e7ec140066979726d769cabc5f7057bb2167e6
(Cherry-picked from ag/14227609)
- Querying PackageInfo should have MATCH_ANY_USER flag because
some apps are only installed for specific users. If no flag,
it will get NameNotFoundException.
- Also add missed break on switch case.
Bug: 186382373
Test: atests FrameworksNetTests
Change-Id: I37c8c42352a9a84ccbe9a37248febcd62b8f59e4
Changing the per-app default request flows to fallback to a request of
type TRACK_DEFAULT as opposed to type REQUEST. The main benefit of this
change is that these requests will no longer be sent to the factories
which is desired.
Bug: 180452284
Bug: 176494815
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
atest CtsNetTestCasesLatestSdk
Change-Id: I312e55a54f70aa82953a32ab9369d5afc02b75e5
Merged-In: I312e55a54f70aa82953a32ab9369d5afc02b75e5
Address API review feedback to:
- Rename NetworkAgent#setTeardownDelayMs to
NetworkAgent#setTeardownDelayMillis
- Use getters instead of fields in VpnTransportInfo
- Rename registerDefaultNetworkCallbackAsUid to
registerDefaultNetworkCallbackForUid in ConnectiivityManager
Bug: 183972850
Bug: 185246410
Fix: 184735863
Test: make update-api
Test: atest FrameworksNetTests
Test: atest CtsNetTestCasesLatestSdk
Change-Id: I5e8c4bed8bda40d507afa894c359b5e24ee5d868
Merged-In: I5e8c4bed8bda40d507afa894c359b5e24ee5d868
Migrate resource usage to the connectivity resource package.
For framework resources that have known overlays, keep a fallback until
the overlays can be migrated.
Bug: 182125649
Test: atest FrameworksNetTests
Merged-In: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
(clean cherry-pick)
Change-Id: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
Address API review feedback, add getters to UnderlyingNetworkInfo
instead of exposing fields.
Instead of wasting memory by converting this into an array, have
migrateTun take a List<String>. In turn, tunAdjustmentInit should
also take a List<String>.
(cherry picked from ag/14211075)
Bug: 183972554
Test: atest android.net.UnderlyingNetworkInfoTest
Merged-In: Id59744097208d91298a25ef110ade91a9cf291a1
Change-Id: Id59744097208d91298a25ef110ade91a9cf291a1
The permission is necessary for ConnectivityService to obtain its
resource package. As the integration tests run ConnectivityService
in-process, they need the permission.
Bug: 186091860
Test: atest FrameworksNetIntegrationTests
Change-Id: I60cf9b54faddf0ea4cb02146c83c9bba58370749
