Currently, when a network that uses 464xlat is torn down,
NetworkCallbacks will receive onLinkPropertiesChanged after
onLost. This is confusing and incorrect.
The incorrect callback is sent because handleLinkProperties
checks that the netId of the agent still exists, not that the
NetworkAgent is still registered. This is normally correct,
because the NetworkAgent is removed from mNetworkAgentInfos and
the netId are removed from mNetworkForNetId by the same method,
disconnectAndDestroyNetwork.
In this specific case it's not correct, because the call to
handleUpdateLinkProperties is from disconnectAndDestroyNetwork
itself via nai.clatd.update and calls Nat464Xlat#stop.
No other callers of handleUpdateLinkProperties are affected
because:
- EVENT_NETWORK_PROPERTIES_CHANGED is called only by
maybeHandleNetworkAgentMessage, which first checks that the
NetworkAgent is registered.
- handlePrivateDnsSettingsChanged only looks at registered
NetworkAgents (it loops over mNetworkAgentInfos).
- handlePrivateDnsValidationUpdate, handleNat64PrefixEvent and
handleCapportApiDataUpdate call getNetworkAgentInfoForNetId,
which will correctly determine that the agent is no longer
registered, since they run on the handler thread and thus
cannot run at the same time as disconnectAndDestroyNetwork.
The existing code contains a check for the netId being current.
This is intended to ensure that an update from a NetworkAgent
cannot affect another agent with the same Network. This extra
check is not necessary, because code running on the handler
thread can never observe a NetworkAgent in mNetworkAgentInfos
unless mNetworkForNetId maps that NetworkAgent's Network to that
NetworkAgent. This is because mNetworkForNetId is updated by the
same methods as mNetworkAgentInfos, and those updates occur on
the handler thread. So all code on the handler thread will see
those two as consistent.
Bug: 176496580
Test: atest FrameworksNetTests CtsNetTestCases HostsideVpnTests
Change-Id: I944f4c6ad36206bdccd85a6ea7ef71324a29c685
By design, the nascent timer will be removed after a network
satisfied first request. However, this never happens.
Because the mInactive is false when that happens, so isNascent
is never true.
Furthermore, when removing a nascent timer, the inactivity
state can never be updated since no condition in the
updateInactivityState will be met to update the state correctly.
Thus, update inactive state accordingly when adding/removing the
nascent timer.
Test: TH
Bug: 184227264
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I4c1521b6e0ef68ac489771a2ab6b09ef3e381577
Change-Id: I4c1521b6e0ef68ac489771a2ab6b09ef3e381577
(cherry-picked from ag/14060609)
Note that this requires removing part of a test, because
that part is testing that the a 50 bonus of the legacy
int is stronger than the validation penalty, which is
not a mechanic we want to have. When WiFi is unvalidated
and cell is unvalidated, cell should be kept in case it
validates, like is described in comments in
isNetworkPotentialSatisfier ; however this test is
checking that it *IS* reaped off if the wifi score is
strong enough. This should be incorrect, and should not
be tested, so this patch removes the check.
Test: ConnectivityServiceTest
Bug: 184834350
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I8966abee59fea2d9f10f082aba87df6588b72762
Change-Id: I8966abee59fea2d9f10f082aba87df6588b72762
(cherry-picked from ag/14127306)
.equals() only work on cross-process Binder instances if casted to
a Binder instance first.
Bug: 184281544
Test: ConnectivityServiceTest. CTS test for this specific issue to come
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I7b9e0df21a3cca59659867a75792289ddee2f1d7
Change-Id: I7b9e0df21a3cca59659867a75792289ddee2f1d7
(cherry-picked from ag/14125149)
This doesn't reactivate the test because it's not yet fixed over int
scoring.
Bug: 184834350
Test: Remove @Ignore and run testAvoidBadWifi
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I32477db52eb50faabc499fa68e24ba07577782aa
Change-Id: I32477db52eb50faabc499fa68e24ba07577782aa
(cherry-picked from ag/14064906)
At this stage, this is turned off. Unit tests will be
in a followup change.
Test: In a followup
Bug: 167544279
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I4448a3546fbc1a3dddf757982c031c5f39ba2889
Change-Id: I4448a3546fbc1a3dddf757982c031c5f39ba2889
(cherry-picked from ag/14010222 with fixes)
This exposes a mechanism for network providers to tell
the network stack that a given network must be kept up
for some specific reason. This is meant to be easier
for them than to have to file a request, in particular
because there is no guaranteed way to make sure the
request will be best matched by any given network.
Test: new test for this
Bug: 167544279
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I238a3ee5ee9262477a23b897e4141769dd1505d1
Change-Id: I238a3ee5ee9262477a23b897e4141769dd1505d1
(cherry-picked from ag/13929760)
The design is very simply expressed :
An offer is needed for a request if and only if that offer
might beat the satisfier for that request.
The implementation of "might beat" is NetworkRanker#mightBeat.
Test: FrameworksNetTests FrameworksWifiTests NetworkStackTests
Bug: 167544279
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I0fe911eef2483ecbac48c733d56283b81538690a
Change-Id: I0fe911eef2483ecbac48c733d56283b81538690a
(cherry-picked from 7b6a33bd50)
- Read MOBILE_DATA_PREFERRED_UIDS setting when system ready
- Register MOBILE_DATA_PREFERRED_UIDS setting observer
- Send uid ranges to netd when update mobile data preferred uids
Bug: 171872461
Test: atest FrameworksNetTests
Merged-In: I5153c770650594e05dfa8cf230d7381d790f4a55
(cherry-pick with minor conflicts)
Change-Id: I5153c770650594e05dfa8cf230d7381d790f4a55
NS04.5 removed a security that it shouldn't have. Reinstate it.
Bug: 167544279
Test: ConnectivityServiceTest
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: If614da813a96d1b50a16fa4be5659e1647d9469d
Change-Id: If614da813a96d1b50a16fa4be5659e1647d9469d
(cherry-picked from ag/13975118)
...instead of a Messenger.
This will be useful later to compare whether a given offer is
offered by the same provider satisfying a request.
Bug: 167544279
Test: ConnectivityServiceTest
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Merged-In: I975a9439021c7fa511c50ac982819b6dd146291e
Change-Id: I975a9439021c7fa511c50ac982819b6dd146291e
(cherry-picked from 148dcce559)
Netd should be obtained via getSystemService, and
ModuleNetworkStackClient must be used instead of NetworkStackClient for
modules.
Original change (project moved):
Ibe703ac56dd70673115cd8b95b44b856a7fc01f3
Bug: 171540887
Test: m
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Change-Id: I6c8593712c0e86da139d425ef6240c5004e392e2
BoolRes and VpnType are hidden annotations that should not be used in a
module class.
Original change (project moved):
I84690c868ecc62a546ec97bcae2e017a283dc07e
Test: m
Bug: 171540887
Merged-In: I3c2563d4ae4e3715d0c6270344ba8f7ef067872f
Change-Id: Ie02cff68cf9adf82fc39bde4d2ba2be3255fb3d5
This library can be removed because the annotations are no longer
used out of module.
@RestrictBackgroundStatus and @MultipathPreference are defined
in connectivity mainline module. Annotate these in non-updatable
platform is not going to be manageable long term. For example,
if the module gets updated and the annotation gets more values
then it's a problem in non-updatable platform. So, it should
not have IntDef cross module boundaries.
Ignore-AOSP-First: AOSP doesn't include this change yet
Bug: 183972925
Test: build
Change-Id: I63f1fde73c4ffdaff9fda914e33cbb5a110ba64e
This CL updates ConnectivityDiagnostics permission checks in
ConnectivityService to only require location permission for Networks
that have TRANSPORT_WIFI. This change is consistent with the location
restrictions required for the transports themselves. Previously,
location permissions were required for all Network types.
Bug: 187310575
Test: atest ConnectivityServiceTest ConnectivityDiagnosticsManagerTest
Change-Id: I48806533e4e705d2d9be45f3b3d3931d9294b167
This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
Merged-In: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
(cherry picked from commit f3d0fc49db)
When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Merged-In: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
(cherry picked from commit 10ba4b773b)
When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
Stop reading legacy resources as fallback, and only use resources in
ServiceConnectivityResources.
Bug: 185850634
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: I224f1ef9a1a8d6e636c7e9550845ab3e1394d7f3
Currently, unprivileged apps can call getAllNetworks() to see
all networks on the system, even networks that do not apply to
them. Allow them to do this via NetworkCallbacks as well.
This is the last piece of information that was only available
through getAllNetworks, so this CL deprecates that API.
Bug: 187921303
Test: new unit tests
Test: CTS test in other CL in topic
Change-Id: I30f1021927d3c8eae6525116c61ff4a4acecff6d
This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
This CL updates ConnectivityService to check location permissions for
ConnectivityDiagnostics callbacks last in the permission check process.
This minimizes misattribution of location access for networks that an
app is not administering.
This CL also updates ConnectivityDiagnosticsManager documentation to
clearly state that location permissions are required in order to receive
callbacks.
Bug: 187310575
Test: atest ConnectivityDiagnosticsManagerTest
Test: atest ConnectivityServiceTest
Change-Id: I2dbeddac6273e2392ccaeae51a1c7776d6d3da75
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
Merged-In: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
This is declared in the API surface, but the implementation
does not match.
Ignore-AOSP-First: Needs cherry-picks
Test: atest CtsNetTestCases:android.net.cts.ConnectivityManagerTest#testGetAllNetworkStateSnapshots
Bug: 188140631
Change-Id: I97aa69651461ebe5c323ec669372f9a61b84e6a6
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
