As the review feedback, this commits address below concern.
1. The TCP keepalive code doesn't use the network parameter
at all. This parameter doesn't seem meaningful for TCP
keepalives. Starting a TCP keepalive with a non-null underpinned
network should throw IllegalArgumentException.
2. The feedback mention that the start version which takes a
@NonNull network should throw NPE if the network is null. But
Starting a NATT keepalive does not always require a underpinned
network. A new IkeSession started from Vpn will also not assign
the underpinned network at the initial stage which means
underpinned will be null until setNetwork() is called. Thus,
the underpinned network should be @Nullable instead.
Fix: 271797087
Test: atest FrameworksNetTests
Change-Id: Ieb57a7b15a06b2ccd94358b65cc00768c4f62e7d
When the application wants to request network with
NET_CAPABILITY_PRIORITIZE_BANDWIDTH or
NET_CAPABILITY_PRIORITIZE_LATENCY, it has to declare
PackageManager.PROPERTY_NETWORK_SLICE_DECLARATIONS property and also
adds the declaration in a separate XML files. Otherwise, the request
will fail with a SecurityException being thrown.
Test: atest FrameworksNetTests CtsNetTestCases
Bug: 266524688
Change-Id: I6affc857b803211517368da288e1b2fdc06a955b
Take a Network parameter to have an one-to-one mapping between
keepalive and its underpinned network on the automatic keepalive.
Existing design could not really tell which network should the
automatic keepalive check for the TCP socket status if there are
multiple automatic keepalives enabled, e.g. Bothe IWLAN and VPN
on WiFi enable the automatic keepalive. The keepalive for IWLAN
should check if there are any TCP sockets on the IWLAN network
instead of VPN network.
Bug: 259000745
Test: atest FrameworksNetTests
Test: Cts in the follow up commit
Change-Id: I7353f4ef43e8fdad02c4d4a0bb5f6efa7d94c1b4
registerSystemDefaultNetworkCallback is required by WifiTrackerLib to
detect the system default network for UI purposes. Currently this API is
allowed for holders of the NETWORK_SETTINGS permission, but not
NETWORK_SETUP_WIZARD. Since SUW also uses WifiTrackerLib, we should
allow this API for NETWORK_SETUP_WIZARD as well.
Bug: 230643853
Test: atest ConnectivityServiceTest
Change-Id: Ic01a186f91ed67b4603b6b8964921be7473a483a
ConnectivityCompatChanges.java becomes the centralized place for all the
CompatChanges used in the Connectivity module. By putting all the
CompatChanges here, we are able to manage them under a single
platform_compat_config.
Bug: 268440216
Test: atest FrameworksNetTests
Change-Id: I3e17af545718073d7d1c96e27298e7790563fd33
Removed usages of throws with @link that generates bad HTML and added
@CallbackExecutor on executors.
Bug: 268170423
Test: atest ConnectivityServiceTest
Change-Id: I2e4264c201b1779b1636e3f1c581237490fd0930
The default TCP polling alarm timer is very large(2 mins).
It's expensive in the CTS to wait for a couple alarms.
The polling alarm should be deprecated soon and replace
with callback design, so add the hidden method for testing
purpose to support the short term usage until design is
replaced with callbacks.
With the hidden method, the alarm timer will decrease to
1 second for a specified time period. The TCP sockets status
could be verified every 1 second.
Bug: 259000745
Test: m ; atest HostsideVpnTests with the follow up test
Change-Id: I99d494d3b50b2fbee73b926e92e97b1e194d43d4
This is much simpler and less error-prone, as well as less
subject to race conditions.
It also allows for cleaning up some TODOs.
Test: FrameworksNetTests
CtsNetTestCases
Bug: 267116236
Change-Id: I470c709446946ef35a0324427defe2f58b434339
String from Android 14, the user must explicitly declare some
capabilities in the application if the application need to call
ConnectivityManager.requestNetwork() with those capabilities.
Test: atest FrameworksNetTests
Bug: 266524688
Change-Id: I8b4816ae3a425ff59d2c1ef09331e079b0e9596e
This patch uses the binder token represented by the callback
to communicate the identity of the AutoOnOffKeepalive through
the alarm mechanism. This is a lot more robust and easy to
understand.
Addressing this, on top of the robustness and readability
advantages, corrects three bugs.
• The |obj| in the message to CMD_MONITOR_AUTOMATIC_KEEPALIVE
is now the binder token both on the sender side and the
receiver side, while the previous code had a Network in the
sender while the receiver expected AutoOnOffKeepalive,
crashing the system server with a wrong cast.
• The intent sent in the alarm would have a yet-uninitialized
value for the slot, so it would not be possible to find the
auto keepalive when the alarm fires.
• When the slot is reassigned, the alarm continued to fire
with the same slot value, so the auto keepalive would no
longer be found after a pause/resume cycle that would
change the slot.
Test: FrameworksNetTests
Change-Id: Ibdbfcd884e0d3559206cbaae7b6b7a524972c3ca
Upcoming CLs use this method to add chain status to failure log of
ConnectivityManagerTest#testFirewallBlocking which is a flaky test
Test: m
Bug: 262141231
Change-Id: Ieb6b4402a3435571decbd8a26fdf666b2db732fe
Add SocketKeepalive.start with parameter to enable dynamic
keepalive mode based on the existence of TCP connections.
This supports IPSec mode to notify KeepaliveTracker to disable
keepalive when keepalive is unnecessary to improve battery life.
Keepalive is controlled by periodically TCP socket status check
for both enable and disable. This is a transition commit and
is expected to be updated based on the socket creation or
destroy.
Bug: 259000745
Test: m ; atest FrameworksNetTests
Change-Id: Ie4d598d69a73c4931c7d0b6dfde0e459e5dca6b4
This commit also updates to use V11 dnsresolver APIs which was V9.
Bug: 262683651
Test: unit tests
Change-Id: Ifbd71157012dc66ec0f377beef9fa59d1c8620b8
Create a new API - setVpnNetworkPreference() for the caller to
set VPN as the preference network.
VPN will be disconnected when its underlying network is gone.
To prevent packets going through an underlying network when the
underlying network is back but VPN is not connected yet, set VPN
as the only preferred network for specific apps.
Bug: 231749077
Test: 1. atest FrameworksNetTests
2. Create a test app to register default network and check if
the VPN is the only default network for the test app.
Change-Id: Iabcd38e2fec2aefedbf78d20e338f222d83a9e7f
This change introduces a limited library for dependencies on
framework-connectivity from Tethering,
connectivity-internal-api-util, where all classes are annotated with
@RequiresApi(S) to ensure proper API checks are done before usage.
Bug: 245972418
Change-Id: I82bafd9063341adc71d07f0858e6d68283d081f0
Add VpnTransportInfo.areLongLivedTcpConnectionsExpensive() in API
surface to allow privileged apps to know whether the long-lived
TCP connections should be expensive in the VPN network.
This is expected to be used combined with getBypassable()
because connections should always go through a VPN that is not
bypassable.
Bug: 259000745
Test: atest FrameworksNetTests
Change-Id: Ic9bcdf43f252f22d12a1136902cc8bbf9cc731f5
This change addresses API review feedback and improves documentation.
Specifically, it adds documentation for the newly added getMtu() and
getMacAddress() methods, describes under which conditions the MAC
address is null and adds a short blurb on how (or in what context) this
class is used.
Test: TH
Bug: 236187143
Change-Id: I349897fd55f3085ce88c8b94c84ec636bb5eb2a6
(these are never called, but must exist for API reasons)
Bug: 257393783
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I2f1cb29c5176539abe25bf767997ab4ed5eca6de
Some callers (e.g. iwlan) need to learn about system default
network but they cannot have NETWORK_SETTINGS permission.
To allow them to use this API but prevent from misuse by
unprivileged apps, enforce USE_RESTRICTED_NETWORKS for this API.
Test: atest com.android.server.ConnectivityServiceTest#testRegisterPrivilegedDefaultCallbacksRequireNetworkSettings android.net.cts.ConnectivityManagerTest#testRegisterNetworkCallback
Fix: 242456635
Change-Id: I80ab27445af874328c9c0f4814a8fbf035ae5df4
This will be useful for diagnosing default network changes.
Logs may look like, for example :
Update capabilities for net 100 : -NET_CAPABILITY_OEM_PAID+NET_CAPABILITY_TRUSTED
Or :
Update score for net 100 : -POLICY_EVER_EVALUATED+POLICY_IS_VPN+POLICY_IS_DESTROYED
Test: FrameworksNetTests
manual
Change-Id: Ic4788c599573aae9daeca995b8853800aaaba0b8
The instance of ConnectivityManager is static, and so its inner class
should be static to avoid the memory leak. Otherwise, the inner class
will get the reference to the mContext.
Bug:248184860
Signed-off-by: zhujiatai <zhujiatai@xiaomi.com>
Change-Id: I2c755f04a689f3e9e5f829d9be48765816257366
If the top bit is set, then >>= propagates it. That means
|bitmask| is never 0, and this is an infinite loop.
A followup will move this method to frameworks/libs/net
and add tests for it.
Test: FrameworksNetTests
Change-Id: I28a0a74be41f6f29b796b1c76e404ecc21f810c6
(and also on parceling, which is not really essential, but
still feels better)
This will avoid issues with NC objects unparceled by processes
when the sender was malicious.
Test: FrameworksNetTests
Bug: 246542132
Bug: 246542330
Change-Id: I8b40eb0c11e39b98bce23dc4e3df037c04639000
