Merge "Whitelist packages from VPN lockdown." am: efc773525c
am: 295016b22b
Change-Id: I643fc2603f7cd2b928fe517eb473048004273835
This commit is contained in:
Pavel Grafov
@@ -4468,12 +4468,17 @@ public class DevicePolicyManager {
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Service-specific error code used in implementation of {@code setAlwaysOnVpnPackage} methods.
|
||||
* @hide
|
||||
*/
|
||||
public static final int ERROR_VPN_PACKAGE_NOT_FOUND = 1;
|
||||
|
||||
/**
|
||||
* Called by a device or profile owner to configure an always-on VPN connection through a
|
||||
* specific application for the current user. This connection is automatically granted and
|
||||
* persisted after a reboot.
|
||||
* <p>
|
||||
* To support the always-on feature, an app must
|
||||
* <p> To support the always-on feature, an app must
|
||||
* <ul>
|
||||
* <li>declare a {@link android.net.VpnService} in its manifest, guarded by
|
||||
* {@link android.Manifest.permission#BIND_VPN_SERVICE};</li>
|
||||
@@ -4482,12 +4487,13 @@ public class DevicePolicyManager {
|
||||
* {@link android.net.VpnService#SERVICE_META_DATA_SUPPORTS_ALWAYS_ON}.</li>
|
||||
* </ul>
|
||||
* The call will fail if called with the package name of an unsupported VPN app.
|
||||
* <p> Enabling lockdown via {@code lockdownEnabled} argument carries the risk that any failure
|
||||
* of the VPN provider could break networking for all apps.
|
||||
*
|
||||
* @param vpnPackage The package name for an installed VPN app on the device, or {@code null} to
|
||||
* remove an existing always-on VPN configuration.
|
||||
* @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
|
||||
* {@code false} otherwise. This carries the risk that any failure of the VPN provider
|
||||
* could break networking for all apps. This has no effect when clearing.
|
||||
* {@code false} otherwise. This has no effect when clearing.
|
||||
* @throws SecurityException if {@code admin} is not a device or a profile owner.
|
||||
* @throws NameNotFoundException if {@code vpnPackage} is not installed.
|
||||
* @throws UnsupportedOperationException if {@code vpnPackage} exists but does not support being
|
||||
@@ -4496,11 +4502,46 @@ public class DevicePolicyManager {
|
||||
public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage,
|
||||
boolean lockdownEnabled)
|
||||
throws NameNotFoundException, UnsupportedOperationException {
|
||||
setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled, Collections.emptyList());
|
||||
}
|
||||
|
||||
/**
|
||||
* A version of {@link #setAlwaysOnVpnPackage(ComponentName, String, boolean)} that allows the
|
||||
* admin to specify a set of apps that should be able to access the network directly when VPN
|
||||
* is not connected. When VPN connects these apps switch over to VPN if allowed to use that VPN.
|
||||
* System apps can always bypass VPN.
|
||||
* <p> Note that the system doesn't update the whitelist when packages are installed or
|
||||
* uninstalled, the admin app must call this method to keep the list up to date.
|
||||
*
|
||||
* @param vpnPackage package name for an installed VPN app on the device, or {@code null}
|
||||
* to remove an existing always-on VPN configuration
|
||||
* @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
|
||||
* {@code false} otherwise. This has no effect when clearing.
|
||||
* @param lockdownWhitelist Packages that will be able to access the network directly when VPN
|
||||
* is in lockdown mode but not connected. Has no effect when clearing.
|
||||
* @throws SecurityException if {@code admin} is not a device or a profile
|
||||
* owner.
|
||||
* @throws NameNotFoundException if {@code vpnPackage} or one of
|
||||
* {@code lockdownWhitelist} is not installed.
|
||||
* @throws UnsupportedOperationException if {@code vpnPackage} exists but does
|
||||
* not support being set as always-on, or if always-on VPN is not
|
||||
* available.
|
||||
*/
|
||||
public void setAlwaysOnVpnPackage(@NonNull ComponentName admin, @Nullable String vpnPackage,
|
||||
boolean lockdownEnabled, @Nullable List<String> lockdownWhitelist)
|
||||
throws NameNotFoundException, UnsupportedOperationException {
|
||||
throwIfParentInstance("setAlwaysOnVpnPackage");
|
||||
if (mService != null) {
|
||||
try {
|
||||
if (!mService.setAlwaysOnVpnPackage(admin, vpnPackage, lockdownEnabled)) {
|
||||
throw new NameNotFoundException(vpnPackage);
|
||||
mService.setAlwaysOnVpnPackage(
|
||||
admin, vpnPackage, lockdownEnabled, lockdownWhitelist);
|
||||
} catch (ServiceSpecificException e) {
|
||||
switch (e.errorCode) {
|
||||
case ERROR_VPN_PACKAGE_NOT_FOUND:
|
||||
throw new NameNotFoundException(e.getMessage());
|
||||
default:
|
||||
throw new RuntimeException(
|
||||
"Unknown error setting always-on VPN: " + e.errorCode);
|
||||
}
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
@@ -4508,6 +4549,51 @@ public class DevicePolicyManager {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by device or profile owner to query whether current always-on VPN is configured in
|
||||
* lockdown mode. Returns {@code false} when no always-on configuration is set.
|
||||
*
|
||||
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
|
||||
*
|
||||
* @throws SecurityException if {@code admin} is not a device or a profile owner.
|
||||
*
|
||||
* @see #setAlwaysOnVpnPackage(ComponentName, String, boolean)
|
||||
*/
|
||||
public boolean isAlwaysOnVpnLockdownEnabled(@NonNull ComponentName admin) {
|
||||
throwIfParentInstance("isAlwaysOnVpnLockdownEnabled");
|
||||
if (mService != null) {
|
||||
try {
|
||||
return mService.isAlwaysOnVpnLockdownEnabled(admin);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by device or profile owner to query the list of packages that are allowed to access
|
||||
* the network directly when always-on VPN is in lockdown mode but not connected. Returns
|
||||
* {@code null} when always-on VPN is not active or not in lockdown mode.
|
||||
*
|
||||
* @param admin Which {@link DeviceAdminReceiver} this request is associated with.
|
||||
*
|
||||
* @throws SecurityException if {@code admin} is not a device or a profile owner.
|
||||
*
|
||||
* @see #setAlwaysOnVpnPackage(ComponentName, String, boolean, List)
|
||||
*/
|
||||
public List<String> getAlwaysOnVpnLockdownWhitelist(@NonNull ComponentName admin) {
|
||||
throwIfParentInstance("getAlwaysOnVpnLockdownWhitelist");
|
||||
if (mService != null) {
|
||||
try {
|
||||
return mService.getAlwaysOnVpnLockdownWhitelist(admin);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called by a device or profile owner to read the name of the package administering an
|
||||
* always-on VPN connection for the current user. If there is no such package, or the always-on
|
||||
|
||||
@@ -182,8 +182,10 @@ interface IDevicePolicyManager {
|
||||
void setCertInstallerPackage(in ComponentName who, String installerPackage);
|
||||
String getCertInstallerPackage(in ComponentName who);
|
||||
|
||||
boolean setAlwaysOnVpnPackage(in ComponentName who, String vpnPackage, boolean lockdown);
|
||||
boolean setAlwaysOnVpnPackage(in ComponentName who, String vpnPackage, boolean lockdown, in List<String> lockdownWhitelist);
|
||||
String getAlwaysOnVpnPackage(in ComponentName who);
|
||||
boolean isAlwaysOnVpnLockdownEnabled(in ComponentName who);
|
||||
List<String> getAlwaysOnVpnLockdownWhitelist(in ComponentName who);
|
||||
|
||||
void addPersistentPreferredActivity(in ComponentName admin, in IntentFilter filter, in ComponentName activity);
|
||||
void clearPackagePersistentPreferredActivities(in ComponentName admin, String packageName);
|
||||
|
||||
@@ -1014,14 +1014,20 @@ public class ConnectivityManager {
|
||||
* to remove an existing always-on VPN configuration.
|
||||
* @param lockdownEnabled {@code true} to disallow networking when the VPN is not connected or
|
||||
* {@code false} otherwise.
|
||||
* @param lockdownWhitelist The list of packages that are allowed to access network directly
|
||||
* when VPN is in lockdown mode but is not running. Non-existent packages are ignored so
|
||||
* this method must be called when a package that should be whitelisted is installed or
|
||||
* uninstalled.
|
||||
* @return {@code true} if the package is set as always-on VPN controller;
|
||||
* {@code false} otherwise.
|
||||
* @hide
|
||||
*/
|
||||
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
|
||||
public boolean setAlwaysOnVpnPackageForUser(int userId, @Nullable String vpnPackage,
|
||||
boolean lockdownEnabled) {
|
||||
boolean lockdownEnabled, @Nullable List<String> lockdownWhitelist) {
|
||||
try {
|
||||
return mService.setAlwaysOnVpnPackage(userId, vpnPackage, lockdownEnabled);
|
||||
return mService.setAlwaysOnVpnPackage(
|
||||
userId, vpnPackage, lockdownEnabled, lockdownWhitelist);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
@@ -1036,6 +1042,7 @@ public class ConnectivityManager {
|
||||
* or {@code null} if none is set.
|
||||
* @hide
|
||||
*/
|
||||
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
|
||||
public String getAlwaysOnVpnPackageForUser(int userId) {
|
||||
try {
|
||||
return mService.getAlwaysOnVpnPackage(userId);
|
||||
@@ -1044,6 +1051,36 @@ public class ConnectivityManager {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return whether always-on VPN is in lockdown mode.
|
||||
*
|
||||
* @hide
|
||||
**/
|
||||
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
|
||||
public boolean isVpnLockdownEnabled(int userId) {
|
||||
try {
|
||||
return mService.isVpnLockdownEnabled(userId);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the list of packages that are allowed to access network when always-on VPN is in
|
||||
* lockdown mode but not connected. Returns {@code null} when VPN lockdown is not active.
|
||||
*
|
||||
* @hide
|
||||
**/
|
||||
@RequiresPermission(android.Manifest.permission.CONTROL_ALWAYS_ON_VPN)
|
||||
public List<String> getVpnLockdownWhitelist(int userId) {
|
||||
try {
|
||||
return mService.getVpnLockdownWhitelist(userId);
|
||||
} catch (RemoteException e) {
|
||||
throw e.rethrowFromSystemServer();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns details about the currently active default data network
|
||||
* for a given uid. This is for internal use only to avoid spying
|
||||
|
||||
@@ -125,8 +125,11 @@ interface IConnectivityManager
|
||||
|
||||
boolean updateLockdownVpn();
|
||||
boolean isAlwaysOnVpnPackageSupported(int userId, String packageName);
|
||||
boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown);
|
||||
boolean setAlwaysOnVpnPackage(int userId, String packageName, boolean lockdown,
|
||||
in List<String> lockdownWhitelist);
|
||||
String getAlwaysOnVpnPackage(int userId);
|
||||
boolean isVpnLockdownEnabled(int userId);
|
||||
List<String> getVpnLockdownWhitelist(int userId);
|
||||
|
||||
int checkMobileProvisioning(int suggestedTimeOutMs);
|
||||
|
||||
|
||||
@@ -5672,6 +5672,16 @@ public final class Settings {
|
||||
*/
|
||||
public static final String ALWAYS_ON_VPN_LOCKDOWN = "always_on_vpn_lockdown";
|
||||
|
||||
/**
|
||||
* Comma separated list of packages that are allowed to access the network when VPN is in
|
||||
* lockdown mode but not running.
|
||||
* @see #ALWAYS_ON_VPN_LOCKDOWN
|
||||
*
|
||||
* @hide
|
||||
*/
|
||||
public static final String ALWAYS_ON_VPN_LOCKDOWN_WHITELIST =
|
||||
"always_on_vpn_lockdown_whitelist";
|
||||
|
||||
/**
|
||||
* Whether applications can be installed for this user via the system's
|
||||
* {@link Intent#ACTION_INSTALL_PACKAGE} mechanism.
|
||||
|
||||
Reference in New Issue
Block a user