VPN types are defined in both VpnManager.java and NativeVpnType.aidl.
The definitions on both sides should match (except TYPE_VPN_NONE).
VpnManager.java:
TYPE_VPN_NONE = -1
TYPE_VPN_SERVICE = 1
TYPE_VPN_PLATFORM = 2
TYPE_VPN_LEGACY = 3
TYPE_VPN_OEM = 4
NativeVpnType.aidl:
SERVICE = 1
PLATFORM = 2
LEGACY = 3
OEM = 4
Bug: N/A
Test: atest android.net.VpnManagerTest#testVpnTypesEqual
Change-Id: Ie618e227d861100c5318da696140e486af1093a0
networkCreatePhysical and networkCreateVpn are non-extensible. In order
to pass OEM requested VPN type to Netd, we need to migrate to
networkCreate API.
Modify test code accordingly since networkCreatePhysical and
networkCreateVpn have been deprecated on Netd.
Bug: 171872481
Test: atest FrameworksNetTests
atest atest HostsideVpnTests
Change-Id: I50ab8615346c49559c16e815482e7804a1e765c8
This change adds support for IPsec forward policies, which are necessary
for packets to be allowed to be forwarded to another interface, as is
the case with tethering. This is necessary and useful only within the
system server, and as such is not exposed as a public API.
This change is safe, since the addition of a FWD policy on IPsec tunnel
interfaces will by default block forwarded traffic (as would be the case
without this patch). In the event that the (system) owner of the tunnel
requires support for forwarded packets (eg tethering), this patch allows
application of transforms in the FWD direction as well.
This will be used to ensure that the VCN can be used as the underlying
network for the purposes of tethering.
Bug: 185495453
Test: atest IpSecServiceTest
Test: atest IpSecServiceParameterizedTest
Test: manual testing with tethering over VCN
Change-Id: I74ecea71f1954029f6fbdbe34598c82e0aac386b
Update PrivateDnsMode from StringDef to IntDef because IntDef is
the normal way of representing multiple choices in public API.
Also update other related files.
Bug: 185311744
Test: 1. make update-api
2. atest FrameworksNetTests CtsNetTestCases CtsNetTestCasesLatestSdk
3. atest FrameworksServicesTests:DevicePolicyManagerTest
Change-Id: I23e7ec140066979726d769cabc5f7057bb2167e6
Merged-In: I23e7ec140066979726d769cabc5f7057bb2167e6
(Cherry-picked from ag/14227609)
- Querying PackageInfo should have MATCH_ANY_USER flag because
some apps are only installed for specific users. If no flag,
it will get NameNotFoundException.
- Also add missed break on switch case.
Bug: 186382373
Test: atests FrameworksNetTests
Change-Id: I37c8c42352a9a84ccbe9a37248febcd62b8f59e4
Changing the per-app default request flows to fallback to a request of
type TRACK_DEFAULT as opposed to type REQUEST. The main benefit of this
change is that these requests will no longer be sent to the factories
which is desired.
Bug: 180452284
Bug: 176494815
Test: atest FrameworksNetTests
atest FrameworksNetIntegrationTests
atest CtsNetTestCasesLatestSdk
Change-Id: I312e55a54f70aa82953a32ab9369d5afc02b75e5
Merged-In: I312e55a54f70aa82953a32ab9369d5afc02b75e5
Address API review feedback to:
- Rename NetworkAgent#setTeardownDelayMs to
NetworkAgent#setTeardownDelayMillis
- Use getters instead of fields in VpnTransportInfo
- Rename registerDefaultNetworkCallbackAsUid to
registerDefaultNetworkCallbackForUid in ConnectiivityManager
Bug: 183972850
Bug: 185246410
Fix: 184735863
Test: make update-api
Test: atest FrameworksNetTests
Test: atest CtsNetTestCasesLatestSdk
Change-Id: I5e8c4bed8bda40d507afa894c359b5e24ee5d868
Merged-In: I5e8c4bed8bda40d507afa894c359b5e24ee5d868
Migrate resource usage to the connectivity resource package.
For framework resources that have known overlays, keep a fallback until
the overlays can be migrated.
Bug: 182125649
Test: atest FrameworksNetTests
Merged-In: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
(clean cherry-pick)
Change-Id: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
Address API review feedback, add getters to UnderlyingNetworkInfo
instead of exposing fields.
Instead of wasting memory by converting this into an array, have
migrateTun take a List<String>. In turn, tunAdjustmentInit should
also take a List<String>.
(cherry picked from ag/14211075)
Bug: 183972554
Test: atest android.net.UnderlyingNetworkInfoTest
Merged-In: Id59744097208d91298a25ef110ade91a9cf291a1
Change-Id: Id59744097208d91298a25ef110ade91a9cf291a1
Address API council feedback, add getters to NetworkStateSnapshot
instead of exposing the bare fields directly.
(cherry picked from ag/14233655)
Bug: 183972826
Test: FrameworksNetTests
Merged-In: Id1707753b42ae88d2b95e4bd00a792609434e4f5
Change-Id: Id1707753b42ae88d2b95e4bd00a792609434e4f5
Address API review feedback, ConnectivityManager#getAllNetworkStateSnapshot
should be pluralized so rename the method to getAllNetworkStateSnapshots
(cherry picked from ag/14221105)
Bug: 183972554
Test: make, FrameworksNetTests
FrameworksServicesTests
Merged-In: Ic18d17d05984fa2466c962c7843c0ef7183ce77c
Change-Id: Ic18d17d05984fa2466c962c7843c0ef7183ce77c
Correctly count nri uid request counts in the per-app functionality in
connectivity currently used by set profile and set oem network
preference APIs. Previously, upon creation, nris would be created prior
to removing them. This would cause the uid request counts to
artificially increase and incorrectly throw an error if the request
count limit was hit even though in actuality an apps request count was
valid.
E.g., if there was an existing request for per-app functionality and
its owning app made a change to the per-app requests, it would double
count the existing requests. If the current count was say, one under the
limit, an error would be thrown even though it was being replaced which
should have resulted in no net change to the request count limit if
working correctly.
This patch will allow for the requests to be removed prior to creation
so that request counts are tabulated correctly.
Bug: 185849563
Bug: 183785319
Test: atest FrameworksNetTests
Change-Id: I13da0c81256cc02bea6aff2fe1ef99d6f6b0e764
Carrier merged wifi network is a specific cerrier wifi network
which provides the same user experience as mobile.
To support data usage accounting for carrier merged wifi,
the change provide several APIs in NetworkTemplate:
1. extend buildTemplateWifi so it could be used for matching
wifi networks with subscriber Id (IMSI).
2. add buildTemplateCarrier to let
NetworkPolicyManagerService creates a single policy for
a given carrier regardless of network type.
Bug: 176396812
Test: atest -c NetworkTemplateTest
Test: atest -c NetworkStatsServiceTest
Test: Manual Test with test code on mobile and wifi network.
1. buildTemplateCarrier includes the carrier wifi and
mobile usage
2. buildTemplateWifi can get carrier wifi usage and support the
filter via subscriberId
Change-Id: I667b4adf3eec0bdd3a7385109dd8c1fae8e7be32
Adding historical logging for the setOemNetworkPreference() calls. This
will last across reboots.
Bug: 177257940
Bug: 176494815
Test: atest FrameworksNetTests
Change-Id: I4fc35fd58ff741830aa292adc1c559b4279ad8f9
This commit addresses the API review feedback that getUid()
will be better to make it be a method on UserHandle itself
rather than a static method.
Update as it is and update the corresponding usages.
Fix: 184735865
Test: make update-api
Test: atest FrameworksNetTests
Test: atest CtsNetTestCasesLatestSdk
Change-Id: I33844309224d84764704255d251fadc8940202ca
The value should be assigned as a long to do the bit calculation
as the mNetworkCapabilities is intended to be a long. Otherwise,
the value will be temporary assigned into an integer then
assigned to the target long. When the bit shift calculation
is out of the integer scope, the calculation will overflow and
result in unexpected bebavior.
Without assigning to a long, ConnectivityServiceTest will get
Out-Of-Memory in StringBuilder while generating toString() in
NetworkCapabilities after updating tests to verify
NET_CAPABILITY_VSIM and NET_CAPABILITY_BIP.
Bug: 130869457
Test: atest FrameworksNetTests
Change-Id: I4d34c1215c7efb6dc352c314107792e3fa512ad7
UserManager#isManagedProfile() is not aware of the user
handle of the context the UM instance is created on.
Instead, call isManagedProfile(int).
Bug: 183625645
Test: ConnectivityServiceTest
Change-Id: I1fef22d67d75df25a8c2d0694f857c3e1c1a1306
This change downgrades API visibility for the list-of-subIds in the
NetworkCapabilities to SystemApi
Bug: 175662146
Test: atest NetworkCapabilitiesTest#testSubIds
Test: atest FrameworksNetTests
Change-Id: I372fa9eaa7585aefd1710948ca007456feedd578
- This will be visible only to apps with the NETWORK_SETTINGS
permissions (signature), and will be redacted for all other callers.
- This string is expected to be the same as set by
VpnService#setSession, and in general, VpnConfig.session. But it
will be a general API that Vpn.java can call when setting the
VpnTransportInfo.
- This string cannot be updated once the VPN NetworkAgent is connected.
Bug: 171872481
Test: atest ConnectivityServiceTest
atest VpnTransportInfoTest
atest android.net.cts.NetworkAgentTest
Change-Id: I8d09e25b83f7ee8be21ec9c9bd3c72a251f1370d
Merged-In: I8d09e25b83f7ee8be21ec9c9bd3c72a251f1370d
(cherry-picked from ag/14011912)
When WiFi disconnects, the VPN disconnects immediately. The
broadcast can therefore be sent before the broadcast receiver is
registered, which causes the receiver to not see the broadcast.
The puzzling part is that CONNECTIVITY_ACTION is a sticky
broadcast, so one would expect the broadcast to still be
received, even if the registration is done after the broadcast
is sent. The reason this doesn't happen is that the context used
by the test is a BroadcastInterceptingContext, which does not
treat sticky broadcasts as sticky.
Bug: 184115648
Test: atest --iterations 1000 'ConnectivityServiceTest#testLegacyLockdownVpn'
Change-Id: Ib44c92839d25951cc7d2db0f923e1b104690e1e0
Give anyone with PERMISSION_MAINLINE_NETWORK_STACK (i.e.,
either the system or the networkstack process) a separate limit
of 250 callbacks per UID.
Bug: 183921387
Test: new unit tests
Change-Id: I24580ea48e3ad502ef584efc5fde0b5d22e392b4
* changes:
Add test coverage for NetworkAgent callbacks.
Add a setTeardownDelayMs API to NetworkAgent.
Address comments on onBlockedStatusChanged(Network, int) CL.
It isn't used by ConnectivityService any more and even if
it needs such utility method in the future, we could create
one which is part of connectivity module and doesn't need
to be exposed as part of NetworkPolicyManager API surface.
Bug: 183696103
Test: atest ./tests/net/java/com/android/server/ConnectivityServiceTest.java
Change-Id: Ie3c681f88e4b2b9bb92d2224c5ea96b074f155d5
