Currently, when an always-on VPN is set in lockdown mode, Vpn
configures prohibit UID rules in netd directly and does not
inform ConnectivityService of the fact.
This means that ConnectivityService cannot send NetworkCallbacks
that tells apps that they are blocked or unblocked. It also means
that ConnectivityService has to take the mVpns lock and call into
Vpn to allow synchronous APIs such as getActiveNetwork to return
BLOCKED if the app is blocked.
Move all this to ConnectivityService:
- Add a setRequireVpnForUids API to ConnectivityManager, and have
that pass the routing rules to netd.
- Update VpnTest to expect calls to ConnectivityManager instead
of to netd.
- Whenever setRequireVpnForUids is called, ensure that
ConnectivityService sends onBlockedStatusChanged to the
affected callbacks.
- Update existing unit tests to check for callbacks.
- Add a way to find the VPN that applies to a given UID without
taking the VPN lock, by instead scanning all connected VPNs.
Use this as a replacement for direct access to mVpns.
For simplicity, and in order to ensure proper ordering between
the NetworkCallbacks sent for VPNs connecting and disconnecting,
process blocked UID ranges on the handler thread. This means that
when setRequireVpnForUids returns, the rule changes might not
have been applied. This shouldn't impact apps using network
connectivity, but it might mean that apps setting an always-on
package, and then immediately checking whether networking is
blocked, will see a behaviour change.
Bug: 173331190
Fix: 175670887
Test: new test coverage in ConnectivityServiceTest
Test: atest MixedDeviceOwnerTest#testAlwaysOnVpn \
MixedDeviceOwnerTest#testAlwaysOnVpnLockDown \
MixedDeviceOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedDeviceOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedDeviceOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedDeviceOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedDeviceOwnerTest#testAlwaysOnVpnPackageLogged \
MixedProfileOwnerTest#testAlwaysOnVpn \
MixedProfileOwnerTest#testAlwaysOnVpnLockDown \
MixedProfileOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedProfileOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedProfileOwnerTest#testAlwaysOnVpnPackageLogged \
MixedManagedProfileOwnerTest#testAlwaysOnVpn \
MixedManagedProfileOwnerTest#testAlwaysOnVpnLockDown \
MixedManagedProfileOwnerTest#testAlwaysOnVpnAcrossReboot \
MixedManagedProfileOwnerTest#testAlwaysOnVpnPackageUninstalled \
MixedManagedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackage \
MixedManagedProfileOwnerTest#testAlwaysOnVpnUnsupportedPackageReplaced \
MixedManagedProfileOwnerTest#testAlwaysOnVpnPackageLogged
Test: atest FrameworksNetTests HostsideVpnTests \
CtsNetTestCases:VpnServiceTest \
CtsNetTestCases:Ikev2VpnTest
Change-Id: Iaca8a7cc343aef52706cff62a7735f338cb1b772
In order to support ConnectivityService mainline, module should
not use hidden APIs. The logic to get mobile provision is moved
to telephony surface since it's only used by telephony.
Hence, remove the design out from Connectivity.
Bug: 175177794
Test: atest FrameworksNetTests
Change-Id: Ic3082fc1c4d7ac998f4e4cff1351e6829d500924
Use two oneway binder interfaces instead.
The interfaces post messages to handlers as was implemented before, but
provide a more strictly defined interface, with less hops between
NetworkAgent, AsyncChannel, and ConnectivityService.
The actual public interface is the NetworkAgent @SystemApi: the binder
interface is an internal implementation detail.
Test: atest FrameworksNetTests CtsNetTestCasesLatestSdk
Bug: 173574274
Merged-In: Ie364ab50f416e7821e70f4539a881eea828e1256
Change-Id: Ie364ab50f416e7821e70f4539a881eea828e1256
Reference for NMS in ConnectivityManager should be removed for
incoming CS mainline. The API for listening network activity
should not go into NMS. As an alternative, the registry requests
should be sent to CS and handled by CS. Add necessary alternative
in IConnectivityManger first. The detail implementation will be
added in the follow up commits.
Bug: 170598012
Test: m
Change-Id: If4d24b937feb88a61f22073af2f671cf20298364
Previously, the phone ID was appended to the broadcast in DCT and sent
to ConnectivityManager. Instead of sending both as an action, send the
phone ID as an extra instead to make the action a protected broadcast.
Test: manually verify a SecurityException when action provision is sent
Test: atest DcTrackerTest
Bug: 172459128
Change-Id: Ic4129def86949d7191d15056852718dadbd72fba
Merged-In: Ic4129def86949d7191d15056852718dadbd72fba
getActiveNetworkQuotaInfo has never been in API surface since it
was introduced. It became essentially functionless since android O,
so there should be no usage dependency upon the hidden method,
In order to support ConnectivityService mainline, remove the
useless function to prevent necessary dependency.
Bug: 172183305
Test: atest FrameworksNetTests
Change-Id: Ia685b3260256d465ef614b2f577d13344074c787
This is consistent with NattKeepalivePacketData, which is also a
subclass of KeepalivePacketData.
TcpKeepalivePacketData is already used by the wifi module, but
statically linked.
Bug: 172789687
Test: m
Change-Id: I6aee1ae205987521bea4a3838bbece279ffa0e37
* changes:
Remove support for legacy network agents
Remove deprecated constructors for NetworkAgent
Migrate NetworkAgentWrapper to the new NA API
Cleanup TestNetworkService
* changes:
Add a convenience method to update a network's capabilities.
Disallow NetworkAgents from changing the owner UID.
Observe mOwnerUID in NetworkCapabilities#equals.
Currently, NetworkCapabilities's equals and hashCode methods
ignore mOwnerUID. This is confusing because it is inconsistent
with pretty much every other member of this class.
Bug: 175188445
Test: atest CtsNetTestCases:NetworkAgentTest \
CtsNetTestCases:Ikev2VpnTest \
CtsNetTestCases:VpnServiceTest HostsideVpnTests \
CtsNetTestCases:android.net.cts.ConnectivityDiagnosticsManagerTest \
ConnectivityServiceTest com.android.server.connectivity.VpnTest
Change-Id: I2348b7a35f32a931687f2d3c2fa57620a12fe06f
Connectivity service is going to become a mainline module which
will not be able to access hidden APIs. TcpKeepaliveController
is a part of CS mainline module, it uses TcpRepairWindow to
store tcp repair window info. Thus, expose TcpRepairWindow as
module-lib API to support the usage.
Bug: 172183305
Test: atest FrameworksNetTests
Change-Id: I1b6f5ae698f4b6e030a0f776aeafc774fa9f1437
Finally.
Now that mLegacy is always false, removing the support
for legacy agents, a follow-up change will remove
the member and all the associated code.
Test: FrameworksNetTests NetworkStackTests
Bug: 167544279
Change-Id: I6e2c27facdd3ecc232a0aa32bf57c33cb06f118e
NetworkUtils is planned to move to a dedicated JAR for connectivity
classes, while NetworkUtilsInternal would stay in the
frameworks-minus-apex JAR, in the com.android.internal.net package.
Bug: 171540887
Test: m, boots, wifi working
atest FrameworksNetTests
Change-Id: I3d38d72ad23a4bf84af823c7baeb6fed25c0665f
The legacy metrics are deprecated, and CaptivePortal is planned to move
to a connectivity-specific jar which cannot reference MetricsEvents.
Bug: 171540887
Test: m
Change-Id: I409375de3844a7fedef707cf9e19a106d82a8e3a
This follows other TYPE_* constants like TYPE_WIFI_P2P that are
@SystemApi or public.
TYPE_PROXY has a use-case for the system to set network policies based
on proxy network templates. Although network types are deprecated, that
use-case needs to be supported and significant amounts of network
management would need to be rewritten to stop using network types.
The constant needs to be API as ConnectivityManager is planned to move
out of framework.jar, so only its formal API will be available to the
system server.
Bug: 174436414
Test: m
Change-Id: I266ed6bc59f5eb72302afe14472c93933733c8f8
Instead of sharing the constant from LinkProperties, use the already
defined constant in the NetworkConstants class.
This allows Ikev2VpnProfile to allow depending on non-public
LinkProperties APIs, as LinkProperties is planned to move to
framework-connectivity.
Bug: 174436414
Test: m
Change-Id: I594bb7e81bc7681799c16eff621a5ffd1b29624c
On top of being a cleanup this is useful for the S Network
Selection project that will need to enrich the Network
Agent API, and as such should not have to support legacy
agents.
Test: FrameworksNetTests NetworkStackTests
Bug: 167544279
Change-Id: Id3e5f6e19829c64074cd6a52c5f950cee56b860b
ConnectivityService may not be available in a NetworkProvider
constructor, if it is created (but still unused) before
ConnectivityService starts.
As ConnectivityManager is only necessary in
declareNetworkRequestUnfulfillable, which should not be called often,
just query ConnectivityManager at that point.
This is necessary for VcnManagementService, which is started before
ConnectivityService and creates its NetworkProvider in its constructor.
Fortunately VcnManagementService does not call
declareNetworkRequestUnfulfillable at this point.
ConnectivityManager may be migrated to classic service getters that
cache "null" when the service was not available the first time it is
queried, so no system service must query it before it starts.
Bug: 171540887
Test: atest FrameworksNetTests:NetworkProviderTest
Change-Id: I8dadcd0e1360a9464192f330493e13aa69dd9fe2
This CL allows an app that has the MANAGE_TEST_NETWORKS
permission to create test VPN networks.
The code enforces that such networks can never apply to any UIDs
and thus will never carry any traffic.
Bug: 173331190
Test: passes existing tests, moved tests pass
Change-Id: I5befea0e3b4b6dce4ca0c6a04471a055186b644c
Add support to ConnectivityService to track underlying networks
directly instead of through the Vpn class.
1. Communicate all information necessary to propagate underlying
network capabilities to ConnectivityService via NetworkAgent.
This includes:
a. Underlying networks:
- Add SystemApi for NetworkAgent to declare its underlying
networks to ConnectivityService, and use it in Vpn.
- Add a new declaredUnderlyingNetworks member to
NetworkAgentInfo and store the underlying networks in it.
Move propagation of underlying network capabilities to
mixInCapabilities, which is a natural place for it.
b. "Always metered" bit:
- Communicate this to ConnectivityService via the existing
NOT_METERED capability. Store it in a new declaredMetered
boolean in NetworkAgentInfo to separate it cleanly from
the NOT_METERED bit in the capabilities, which depends on
whether the underlying networks are metered or not. In
order to ensure that this is only ever changed when a NC
update is received from a NetworkAgent, define a new
processCapabilitiesFromAgent similar to the existing
processLinkPropertiesFromAgent.
2. Ensure that propagating underlying network capabilities does
not read the VPN's NetworkCapabilities. In order to do this,
ensure that all relevant information on underlying networks
and metering is sent to ConnectivityService at NetworkAgent
registration time. CS still calls Vpn#updateCapabilities when
a user is added/removed, but that is deleted in a future CL.
3. Slightly generalize propagating underlying network
capabilities because there may be other network types that
also have underlying networks that aren't VPNs (e.g., VCN).
- Introduce a new supportsUnderlyingNetworks() boolean method
in NetworkAgentInfo.
- Rename updateAllVpnsCapabilities to
propagateUnderlyingNetworkCapabilities.
This commit does not move the actual logic of calculating the
underlying capabilities out of Vpn.java. That can be done in a
subsequent change once CS stops calling getUnderlyingNetworks().
This commit also does not modify any of the other code in CS that
directly accesses VPNs' underlying networks.
Bug: 173331190
Test: passes existing tests in ConnectivityServiceTest
Test: CTS test in r.android.com/1511114
Test: atest CtsNetTestCases:Ikev2VpnTest HostsideVpnTests
Change-Id: I5f76cb1aa4866efed3d5c4590e931fdb0e994f8d
MIN_MTU_V6 is increasingly used, and the LinkProperties version is used
as a source of truth for the constant.
Bug: 163602123
Test: atest FrameworksNetTests
Change-Id: I67134cd4fb7e2cf59c36947b62f681ac9b94ea4a
1. The current code only prints the array of administrator UIDs
if it's empty. This is clearly an oversight. Print it only if
it's non-empty.
2. Only print requestor UID and package name if they are set.
This makes output shorter in the common case that they are
unset.
3. Reorder the output at the end: group all UIDs together, and
place SSID and private DNS broken bit after that.
4. Make the private DNS broken indication a single word instead
of a sentence. This saves space and makes it easier to write
regexps.
New format:
... SignalStrength: -72 OwnerUid: 1000 AdminUids: [1000] SSID: ...
... Uid: 1000 RequestorUid: 1000 RequestorPkg: android ...
Test: manual
Change-Id: I2f5ccc1d9e4af6ddacc4d193185a17723822972b
Updating comments for network preferences to better clarify that
preferences which include more than one network type will then rely on
scoring to determine which of those networks are chosen.
Bug: 171795464
Test: atest FrameworksNetTests
Change-Id: I9eb5683f2cd69281bbee9fb70028d45f07720914
These are APIs that have @UnsupportedAppUsage but for which we don't
have any evidence of them currently being used, so should be safe to
remove from the unsupported list.
Bug: 170729553
Test: Treehugger
Merged-In: I626caf7c1fe46c5ab1f39c2895b42a34319f771a
Change-Id: I54e5ecd11e76ca1de3c5893e3a98b0108e735413
Modern network agents are supposed to have the following
lifecycle :
• Construct the agent
• Declare itself to connectivity by calling #register()
• Possibly do some setup
• Declare connected by calling #markConnected()
• Declare disconnected by calling #unregister()
Internally ConnectivityService still manages the state
with deprecated NetworkInfo, which has a lot of possible
detailed states, most of which are now unused. Internally,
the steps above translate to the states below :
• When the agent calls #register() it starts in state
CONNECTING
• When it calls #markConnected() it goes to CONNECTED
• When it calls #unregister() it goes to DISCONNECTED which
triggers the flow that disconnects it immediately
• ConnectivityService also synthesizes the SUSPENDED state
under some situations, but that's not relevant here.
The translation above is done by the NetworkAgent class,
which translates #register(), #markConnected() and
The only valid lifecyle for new agents is thus :
CONNECTING → CONNECTED → disconnect
↕ ↑
SUSPENDED ───┘
Note that in the above scheme, there is no space for the
UNKNOWN state, which is only used by legacy network agents.
However, the constructor for NetworkInfo still starts with
UNKNOWN. Ideally the constructor for NetworkInfo would set
the info to CONNECTING instead, but this would be a very
visible change in behavior affecting many apps (especially
their tests), so for backward compatibility we can't do
that.
New network agents however don't expose their NetworkInfo
to the client code, so they can just be made to start in
CONNECTING the way it was meant.
Note that this didn't really have a concrete impact beyond
printing some logs as by and large the ConnectivityService
code handles UNKNOWN and CONNECTING the same way, or more
exactly it handles transitions to CONNECTED from UNKNOWN
and CONNECTING in the same way. The exception to this is
VPNs, which are not using the new agent API yet, and the
upcoming conversion is why this fix is actually needed now.
Bug: 170904131
Test: FrameworksNetTests NetworkStackTests
Test: new test in aosp/1460705
Change-Id: Ib7d906a7b29a0b9f000b90bc78558a7402852fa3
Adding network capability to be used with networks to be only used by
OEM apps.
Bug: 171505922
Test: atest CtsNetTestCasesLatestSdk:NetworkCapabilitiesTest
Change-Id: Ib55ebec0e178b6317d92f17e1aff060dacdfb2b1
