In previous change, the new SocketKeepalive API was exported.
But internally, old PacketKeepalive names and structures are
still used.
This change rename them properly for code consistency and also
refactor KeepalivePacketData to support different types of
KeepalivePacketData.
Bug: 114151147
Test: 1. atest FrameworksNetTests
2. atest FrameworksWifiTests
3. atest FrameworksTelephonyTests
Change-Id: Ia9917d12987e91e87e34ffb3f126e7bc7c9c187e
Merged-In: Ia9917d12987e91e87e34ffb3f126e7bc7c9c187e
The NetworkStackPermissionStub package is used to enforce that
permissions used by the NetworkStack are only used in packages
sharing signature with NetworkStackPermissionStub.
Permissions defined in this package are intended to be used only by the
NetworkStack: both NetworkStack and the stub APK will be signed with
a dedicated certificate to ensure that, with permissions being signature
permissions.
This APK *must* be installed, even if the NetworkStack app is not
installed, because otherwise, any application will be able to define
this permission and the system will give that application full access
to the network stack.
Test: flashed, booted
Bug: 112869080
Change-Id: Ia13a9e6a703cb7b4403697a7f7bfff0f6f3b813e
Bluetooth runs as UID 1001002 when on a secondary user. With this change
the NetworkStack verifies that the calling UID matches the Bluetooth app
regardless of the user.
Test: flashed, BT reverse tethering still working as primary user
(no option to turn on as secondary user on phones)
Bug: 123655057
Change-Id: I23f9c5fa40f3bb676ac65dd8c15106c9d78309a4
The callback would be used to notify entitlement value. If the
cache value indicates entitlement succeeded, it just fire
callback with cache value instead of run entitlement check.
Bug: 120887283
Test: atest FrameworksNetTests
Change-Id: I8afe928423bd75c54c61533a50a5c0814922ceb1
Currently it is not possible to change private DNS bypass by
doing:
setProcessDefaultNetwork(network.getPrivateDnsBypassingCopy());
setProcessDefaultNetwork(network);
because the code will ignore the change. Fix this by ensuring
that we always call bindProcessToNetwork (which does not have
side effects) and then only performing the expensive operations
(flushing DNS cache, upating socket pools) if the netId changed.
Bug: 112869080
Test: None
Change-Id: I5e8999cb11d8b8c1e9eb583fa8b3932f212accff
For VPN apps targeting Q and above, they will by default be treated as
metered unless they override this setting before establishing VPN.
Bug: 120145746
Test: atest FrameworksNetTests
Test: On device tests verifying meteredness setup correctly for apps
targeting Q and apps targeting P.
Change-Id: Ia6d1f7ef244bc04ae2e28faa59625302b5994875
Currently, bypassing private DNS requires calling the deprecated
setProcessDefaultNetworkForHostResolution. Allow apps to do this
via the non-deprecated binProcessForNetwork as well.
This has fewer backwards compatibility concerns than the
alternative approach of having setProcessDefaultNetwork call
setProcessDefaultNetworkForHostResolution. That approach would
have been problematic, for example, if an app did:
cm.bindProcessToNetwork(network);
...
cm.bindProcessToNetwork(null);
In this case, it would be difficult to know whether to clear the
resolver mapping as well: what if an app had also called
setProcessDefaultNetworkForHostResolution?
Similarly, it would be difficult to know what to do if an app did:
cm.setProcessDefaultNetworkForHostResolution(network);
cm.bindProcessToNetwork(null);
This approach does not have these concerns, and has no effect
on apps that don't call Network.getPrivateDnsBypassingCopy, which
regular apps don't have permission to use. It also provides a
path to deprecate setProcessDefaultNetworkForHostResolution.
Bug: 112869080
Test: atest android.net.cts.ConnectivityManagerTest android.net.cts.MultinetworkApiTest
Change-Id: I4158a37b6ed87a9a9b2677c526dcfee8af48e483
The metrics go through NetworkMonitor in the NetworkStack so that they
can be upgraded to new metrics in the future.
Test: flashed, captive portal login works, metrics shown in events log
Bug: 112869080
Merged-In: I4bccfbd87bae5b2d65e45c7a5918aa45ab5d76e8
Change-Id: Ib5e2126788f8d56a00a56d7efcd33c5f9a37a6de
Includes various small changes to stop using hidden APIs
Test: make NetworkStack
Test: flashed, booted, WiFi and tethering working
Bug: 112869080
Change-Id: Id2830795a444f484b377ed6437435a1cd833697a
The utilities are not supported as public API but required as SystemApi
for the NetworkStack.
Test: flashed, boots, WiFi works
Bug: 112869080
Change-Id: Ia64b3bf9c6c33cf61bed76469ea9963b550bed2b
attach*Filter and addArpEntry are necessary for the NetworkStack but are
only usable for apps that have system permissions.
Also includes system API for IpPrefix, LinkAddress, LinkProperties,
Network, and static modifier in ApfCapabilities that were missed in
previous CLs.
Test: Builds, flashed, WiFi works
Bug: 112869080
Change-Id: If141ae6a2f9145f5af64ba002ca44938f39b90a9
These utilities can only be used for privileged apps. The underlying
implementation cannot be @SystemApi.
Test: m
Bug: 112869080
Change-Id: Idfa90561102e5b03ab2b79486d3ad46457128bf8
Adds system api of createSocketKeepalive to take file descriptor,
so privileged apps could use it without the need of IpSecService.
Bug: 114151147
Test: atest FrameworksNetTests
Change-Id: If926c21704b6ed73a0adfcadad732b97b42bacae
Members in this CL were missed in earlier changes.
Test: m
Bug: 112869080
Merged-In: I8b5b80ea7b267357eb0387d504a2f78358d6d502
Change-Id: I8b9b15f8b91962f3ef554fd222a825e471806c9e
The new set of API replace the PacketKeepalive system API
which is only specific for IPsec NAT-T keepalive packet. Allows
applications to request different types of keepalives through
the same set of API.
By using keepalives, applications could request system to
periodically send specific packets on their behalf, using
hardware offload to save battery power.
This change would only address interface change and test part of
original functionality. After all reference of PacketKeepalive
are removed, another change would be submitted to remove old
API.
Bug: 114151147
Test: atest FrameworksNetTests
Change-Id: I3367666810acc44d5ad20e19acd4bf936e8b5d9c
This helps remove the dependency on MultinetworkPolicyTracker from
IpClient.
Test: atest FrameworksNetTests NetworkStackTests
Bug: 112869080
Change-Id: If56791dbed564772f25a859f301b8b52d84e38a3
