When apps try to call factoryReset to do networking reset, it
will result in updating the setting in SettingsProvider.
ContentProvider will verify if the package name of the caller
that initiated the request being processed on the current thread.
The package should belong to the calling UID. The setting update
started from the ConnectivityService context, so the package will
be android but the calling UID will be the calling app. It will
cause a SecurityException. The behavior is fine previously as its
known caller(Settings) shares system UID. But it will be a
problem for other callers, such as CTS. Thus, clear the identity
since the necessary permission check should be examined at the
top of the method. The following actions should be fine to be
proceed from the system itself. Also replace the user restriction
check via hasUserRestrictionForUser with the UserHandle created
from the calling uid to ensure it's verified with correct user.
Bug: 186061922
Test: Factory reset from Settings
Merged-In: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
Change-Id: If2dd69f702a1eafff331f9e71f6b92aeadfb715d
(cherry picked from commit 0b1b84179f10804a55561c0d6e0751efecf2c77a)
Stop reading legacy resources as fallback, and only use resources in
ServiceConnectivityResources.
Bug: 185850634
Test: atest CtsNetTestCases FrameworksNetTests
Change-Id: I224f1ef9a1a8d6e636c7e9550845ab3e1394d7f3
The resources are only read by NetworkStack through their respective
ApfCapabilities SystemApi methods.
As the resources are being migrated out of frameworks/base resources
anyway, move them directly to NetworkStack instead of moving them to
ServiceConnectivityResources.
Also test that the framework resources are not overlaid or modified.
This should avoid OEM integration errors where the overlays are kept as
in R, without overlaying the resource in the NetworkStack package.
Bug: 185850634
Test: atest CtsNetTestCases
BYPASS_INCLUSIVE_LANGUAGE_REASON=Need to mention legacy APIs
Merged-In: I7a15ddcad5af11fa307d9dbe3a77b31a1179e5b3
(clean cherry-pick)
Change-Id: I7a15ddcad5af11fa307d9dbe3a77b31a1179e5b3
Let PermissionMonitor read APPS_ALLOWED_ON_RESTRICTED_NETWORKS
setting and grant netd system permission to uids whose package
name is listed in setting.
Bug: 185149952
Test: atest FrameworksNetTests
Merged-In: I856b545c0339a262abbe9d432cfda125bc82dc12
(clean cherry-pick)
Change-Id: I856b545c0339a262abbe9d432cfda125bc82dc12
Currently, unprivileged apps can call getAllNetworks() to see
all networks on the system, even networks that do not apply to
them. Allow them to do this via NetworkCallbacks as well.
This is the last piece of information that was only available
through getAllNetworks, so this CL deprecates that API.
Bug: 187921303
Test: new unit tests
Test: CTS test in other CL in topic
Change-Id: I30f1021927d3c8eae6525116c61ff4a4acecff6d
The legacy design of "dumpsys connectivity" will only dump
information with NORMAL priority. It was updated to provide
both NORMAL and HIGH priority information in order to support
dump in bugreport. However, it will also affect the result
using dumpsys connectivity.
Update design to dump NORMAL priority only to align with legacy
design.
Bug: 188387185
Test: adb shell dumpsys connectivity
Test: adb bugreport and check the result in bugreport
Change-Id: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
Merged-In: I6825c5038e48e3060c0c3ad1512bd584ef6d10a7
This is declared in the API surface, but the implementation
does not match.
Ignore-AOSP-First: Needs cherry-picks
Test: atest CtsNetTestCases:android.net.cts.ConnectivityManagerTest#testGetAllNetworkStateSnapshots
Bug: 188140631
Change-Id: I97aa69651461ebe5c323ec669372f9a61b84e6a6
Yielding cell wins to exiting wifi (whether good or bad).
It loses to bad wifi that's not exiting.
In R, yielding to bad wifi only affects wifis that are
unvalidated, but a wifi that is exiting should still be
dropped in favor of a cell that yields to bad wifi.
I had misunderstood the policy and implemented it wrong.
Now it's implemented right, and has careful tests.
Test: new tests for this
Bug: 186458024
Change-Id: Ib8637100d491e72a2edb837584ce55b7dda58524
This change is to address API review, add respective
@IntDef for network policy API.
Typedef cannot be exposed as SystemApi so add
ConnectivityAnnotations class and add an annotation library
so that it can be used in module and platform.
Bug: 183972925
Test: m, build doc target framework-doc-stubs_annotations.zip
and check the APIs have an attribute IntDef annotation
Change-Id: Ie3ec40cf48818edd422a4550377774eae387d3b2
Move NetIdManager and ProfileNetworkPreferences from services/core to
packages/Connectivity/service.
This is a partial cherry-pick of a downstream change.
Bug: 186628461
Test: m
Merged-In: I454e8a0a8d0e0f9e6d21a8e8faf5a9e299962ad4
Change-Id: I6734c181dac39518b8d69be1e49d7f5f0a0a18da
The service-connectivity sources should be in
packages/modules/Connectivity. Move them to
frameworks/base/packages/Connectivity, so that the whole directory can
be moved to the dedicated packages/modules/Connectivity git project.
Bug: 186628461
Test: m
Merged-In: I26d1a274058fa38763ad4f605549d880865b4d76
Change-Id: Ie0562db92ebee269b901926d763ae907bde61b98
The service-connectivity sources should be in
packages/modules/Connectivity. Move them to
frameworks/base/packages/Connectivity, so that the whole directory can
be moved to the dedicated packages/modules/Connectivity git project.
Bug: 186628461
Test: m
Change-Id: I26d1a274058fa38763ad4f605549d880865b4d76
Migrate resource usage to the connectivity resource package.
For framework resources that have known overlays, keep a fallback until
the overlays can be migrated.
Bug: 182125649
Test: atest FrameworksNetTests
Merged-In: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
(clean cherry-pick)
Change-Id: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
Instead of the platform certificate, use a dedicated certificate.
The AOSP certificates are only used for testing as they have known keys,
and are replaced when resigning production images.
Key generated with:
openssl req -x509 -newkey rsa:4096 -nodes -days 999999 -keyout key.pem \
-out com.android.connectivity.resources.x509.pem
openssl pkcs8 -topk8 -inform PEM -outform DER -in key.pem -out \
com.android.connectivity.resources.pk8 -nocrypt
Fixes: 184808224
Fixes: 185462051
Test: m
Change-Id: I25cddc8d5ab948da9d3a2dbcd202ece1f61dd5a2
S tethering module fail to sideload in R platform because package
manager fail to parse S version sdk in R platform.
Bug: 182409819
Test: m
Change-Id: I35c63e4bfe7657afe1e7364926ab139b042b403e
Merged-In: I35c63e4bfe7657afe1e7364926ab139b042b403e
S tethering module fail to sideload in R platform because package
manager fail to parse S version sdk in R platform.
Bug: 182409819
Test: m
Change-Id: I35c63e4bfe7657afe1e7364926ab139b042b403e
We are enabling a new lint check where the min sdk != compile sdk.
It has produced a lot of errors and adding the baseline file(s)
allows us to continue work without introducing more problems.
Bug: 150847901
Test: m lint-check
Change-Id: Ide8a8fe80ba31396f23853ab266afcbcc33af9a6
Add an overlay boolean that allows setting the SIGN_IN notification as
an ongoing notification.
This can be useful to make sure users can always easily find the
notification to sign in to a captive portal, as studies have found that
some users have a tendency to dismiss notifications before reading them.
At the same time the notification shade is generally too crowded, which
is what causes such behaviors in the first place, so this option is not
enabled by default and should generally not be enabled without proper
user studies or metrics.
Bug: 173171709
Test: atest NetworkNotificationManagerTest
Change-Id: Ic187d2a2b7e49ad152ea2aa35bb784864b97473c
service-connectivity is not used by arc-services anymore, so it does not
need apex_available for the platform anymore.
Bug: 183691942
Test: m
Change-Id: I8e7aa59e517a3694b7c4c1ed1e29f4281777b62c
- Add a new transport type for USB and a new network capability
to support automotive head unit.
- In order to pass DnsManagerTest#testTransportTypesEqual, Android.bp
needs to link to dnsresolver_aidl_interface-V8-java. That test checks
whether the TRANSPORT types defined in NetworkCapabilities are the
same as IDnsResolver.aidl.
Bug: 181742019
Test: atest FrameworksNetTests
Change-Id: Iec2df09a776d779108f95098e01b7ffdf6f8867a
arc-services depends on service-connectivity, so it also needs to be
available to the platform.
Bug: 183668370
Test: m
Change-Id: Id82125e98abf59b1cc8cb3fceab376597f0496ed
Instead of using api_only: true, use a single java_sdk_library to
generate both framework-connectivity stubs and
framework-connectivity.impl.
Bug: 183600168
Test: m
Change-Id: I76d7cf1ba31a3f38ae6b9facbf1b668860c8c165
All targets need min_sdk_version 30 to be included in the tethering
APEX. They will actually never be used on SDK 30 and are only loaded on
31, but this is necessary to be included in com.android.tethering.
Bug: 171540887
Test: m
Change-Id: I190fd1f3c9fabff057d0a2bd7f45b63a4fe447b3
Instead of including the whole libc++ library by linking it dynamically,
use the static version so that unused symbols can be stripped.
This allows reducing the APEX size by 1MB (3.7MB -> 2.7MB), as otherwise
libc++ is included twice for 32 and 64 bit variants.
Bug: 171540887
Test: Device boots and has connectivity, size reduced
Change-Id: Ia66d795cf23d6f45997278300c103976433f7c5c
As all dependencies on hidden API have been removed, build
service-connectivity against system_server_current.
Bug: 171540887
Test: device boots, has connectivity
Change-Id: I454e8a0a8d0e0f9e6d21a8e8faf5a9e299962ad4
Also make getTransportName non-static so it can access the module
resources.
Also fix a duplicate comment in a resource file.
Bug: 183097033
Test: atest FrameworksNetTests
Test: connected to Wi-Fi with no Internet, observed notification
Change-Id: Ic0d24d36af0b87153d527083f8964ddc6cd78482
Merged-In: Ic0d24d36af0b87153d527083f8964ddc6cd78482
Migrate resource usage to the connectivity resource package.
For framework resources that have known overlays, keep a fallback until
the overlays can be migrated.
Bug: 182125649
Test: atest FrameworksNetTests
Change-Id: I778d94a5aac0c4e20e78b1ba3a002495c17a38a0
Use ServiceConnectivityResources instead.
Start by creating resources in the ServiceConnectivityResources package
to match the internal configuration, and common overlays.
Bug: 182125649
Test: device boots, has connectivity
Change-Id: I77a3efca2cd644f9828db1ed5d3cae8070fb8363
Merged-In: I77a3efca2cd644f9828db1ed5d3cae8070fb8363
