These constants will now be including all the reasons for why an
uid's network access can be blocked, instead of only the
restrictions that could be imposed by NPMS.
Bug: 183473548
Test: atest ./tests/cts/hostside/src/com/android/cts/net/HostsideRestrictBackgroundNetworkTests.java
Merged-In: I4c544415e12adf442fd2415c371b1b70a39c3aa4
Change-Id: I6dcea43fbefa9eac8b5a971b822a5be5422a54b4
NetworkUtils can just use the NDK to achieve the same.
Also make sure network handles can have the local nameservers flag, for
the JNI API, and create/parse them accordingly in Network.
Bug: 171540887
Test: atest CtsNetTestCases (in particular MultinetworkApiTest,
DnsResolverTest, NetworkTest)
Change-Id: I2e7b78263f7ca0cab9458854858a7423f6bd2854
These constants will now be including all the reasons for why an
uid's network access can be blocked, instead of only the
restrictions that could be imposed by NPMS.
Bug: 183473548
Test: atest ./tests/cts/hostside/src/com/android/cts/net/HostsideRestrictBackgroundNetworkTests.java
Ignore-AOSP-First: Merging internally first to handle conflicts.
Change-Id: I4c544415e12adf442fd2415c371b1b70a39c3aa4
Currently, queryUserAccess talks to netd via FwmarkServer.
Doing this from the module would require exposing queryUserAccess
as an NDK API or reimplementing FwmarkClient.
Because queryUserAccess really only uses information that comes
from ConnectivityService/PermissionMonitor anyway, just use that
information without calling to net.
Test: atest HostsideVpnTests
Bug: 171540887
Change-Id: If855de1ea3e1fd2ed30f2795d9b4acfcf969a2dc
Register network callback for all networks and record
NetworkCapabilities for every networks. Once onDnsEvent is
triggered, use the netId it passes in to find the corresponding
NetworkCapabilities instead of using netId to create a Network
object(hidden API) then get the NetworkCapabilities by
ConnectivityManager#getNetworkCapabilities.
Bug: 182963397
Test: m
Test: atest IpConnectivityMetricsTest
Test: atest NetdEventListenerServiceTest
Change-Id: I91d68ca33253831b78def1ddeb074ba944a5d6ad
One second to start the test NetworkStack service and obtain
a NetworkMonitor is too tight.
Change-Id: I3ac600276b6248c70c6239b0c9531913dc44096e
Test: atest ConnectivityServiceIntegrationTest
setOwnerUid() and setAdministratorUids() should run in R+.
Previous logic will skip them in S+. Correct the logic to
what it should be.
Bug: 172183305
Test: atest android.net.NetworkCapabilitiesTest
Change-Id: Ic983aa00f930fb26350469ef093bcba2990433a4
Netd should be obtained via getSystemService, and
ModuleNetworkStackClient must be used instead of NetworkStackClient for
modules.
Bug: 171540887
Test: m
Change-Id: Ibe703ac56dd70673115cd8b95b44b856a7fc01f3
The connection service will become the mainline module.
Remove the hidden API usage of NetworkAgent.
Bug: 170598012
CTS-Coverage-Bug: 170598012
Test: atest FrameworksNetTests FrameworksTelephonyTests
atest FrameworksWifiTests
Change-Id: I4e4040ae7f94bdf479c7df9ec2ffabafbe06331c
NetworkCapabilities is included in framework-connectivity, so external
module cannot have dependencies on its hidden API. Move the method to
libs/net so that external modules can use it by including the library.
Bug: 178777253
Test: FrameworksNetTests
Change-Id: I77970b3a5e5e0e9d263639694b1f06519169bf64
- Add @VisibleForTesting & @Nullable for Vpn#getNetwork().
- Remove null check in caller side(test) of Vpn#getNetwork()
because if the code is working properly, it can never be null.
Bug: 182963397
Test: atest FrameworksNetTests
Change-Id: Ic52864003fbebd9f4e95d43fefc2e168437b0122
This is to be used by privileged components (e.g., JobScheduler)
to request callbacks about the state of other UIDs on the system.
Bug: 165835257
Test: new unit test coverage
Change-Id: I29f155710394e58c14fcef488db6271d8d83033a
Modify Vpn#getNetId() to Vpn#getNetwork() and uses NETID_UNSET
when getNetwork() returns null in ConnectivityServiceTest.
Bug: 182963397
Test: atest FrameworksNetTests
Change-Id: I69d449705b1dc541287c72af8dc7705dc4733109
When registerDefaultNetworkCallback is called by an app that has
NETWORK_SETTINGS, the UID of the app is forgotten and the request
that is filed has an empty UID set. This results in that request
matching networks that have UID ranges that do not include it,
e.g., VPNs.
Fix this by ensuring that the UID ranges are properly set.
Bug: 165835257
Test: updated specific tests for this bug
Change-Id: I90bf79573342c144d1cfbc2f61a3155fdd5b1fa7
Currently, if a process with NETWORK_SETTINGS registers a default
network callback, its uid will be ignored and replaced with an
empty list of UIDs. This means it will incorrectly match VPNs
with any UID range.
Add a test for this bug to make it easier to review the upcoming
change that fixes it.
Bug: 165835257
Test: test-only change
Change-Id: If58524b01fdd60045fb7236d17dedf31fb563f99
* changes:
TransportInfo: Add a generic redaction mechanism
Revert "Revert "Expose uids related APIs in NetworkRequest and N..."
Revert^2 "Replace the usage of UidRange"
Also make getTransportName non-static so it can access the module
resources.
Also fix a duplicate comment in a resource file.
Bug: 183097033
Test: atest FrameworksNetTests
Test: connected to Wi-Fi with no Internet, observed notification
Change-Id: Ic0d24d36af0b87153d527083f8964ddc6cd78482
Merged-In: Ic0d24d36af0b87153d527083f8964ddc6cd78482
ag/13210542 switched from using reset() on mResources to using
clearInvocations(). This ensures that only the previous calls are
reset, and that the mock continues to behave according to what
was specified in setUp.
Test: 183097033
Test: test-only change
Merged-In: I35d28c8df341dbbac2774026c6ca749e296c0482
Change-Id: Ieef982d2df50db3014f35f58a77674939ebe0d43
