This change adds support for XFRM-I to all IpSecService netd calls.
Fallback logic is in netd, and thus both VTI and XFRM-I parameters are
always passed down to IpSecService.
Bug: 78589502
Test: All java, CTS tests passing
Change-Id: Ie4186f0ad7e50763b21831f6fa411b5ee436de78
SA marks are never updated during the UPDSA call. This change disables
the attempts to update the specified SAs, ensuring that the config
stored in IpSecService matches that of the allocated kernel resources.
Bug: 111854872
Test: Unit, CTS tests passing
Change-Id: Ic1fb862c8021ffa260c3e262ec698d8af0a826d9
To allow vendor code to construct LinkAddress, which is
one of the parameter in the system API DataCallResponse.
Test: Build
Bug: 73659459
Merged-In: I3e203781d3a03285fa0e047cc8837ccb4a09016a
Change-Id: I3e203781d3a03285fa0e047cc8837ccb4a09016a
Add a utility method to convert an EUI-48 to an IPv6 link-local
address based on RFC 4291 (EUI-64 generation) followed by RFC 4862.
Bug: 117605977
Test: atest MacAddressTest
Merged-In: I80b683e69da6beff3b37fc345fc15aa9610d09b7
Change-Id: I80b683e69da6beff3b37fc345fc15aa9610d09b7
When native layer reports onDnsEvent, netId, eventType and
returnCode are available only in NetdEventListenerService, but
not for the clients who register event on it.
Thus, extend the callback to give clients more detail on the
network the look up was performed on and the result of the
lookup.
Bug: 113916551
Test: 1. runtest frameworks-net
2. runtest frameworks-services -c com.android.server. \
net.watchlist.NetworkWatchlistServiceTests
Change-Id: If7beecea50e1baf18cb5c6775ad3ecb1a60b312a
When using xt_qtaguid to count per uid stats,
NetworkStatsService needs to adjust the 464xlat traffic since
iptables module would double count for ipv4 and ipv6 packet.
But for eBPF, the per uid stats is collected in a different
hook, so the adjustment on root uid would only be needed in tx
direction.
Bug: 112226716
Test: 1. Make ipv4 traffic in ipv6-only network and check data
usage.
2. Make ipv4 traffic in a client which connect to
ipv6-only hotspot.
3. runtest frameworks-net
4. cts-tradefed run cts -m CtsNetTestCases -t \
android.net.cts.TrafficStatsTest
5. cts-tradefed run cts -m CtsUsageStatsTestCases
Change-Id: Ic9a84f5446eddc943c255d5f3b89dad171f53cac
Test: runtest frameworks-net passes
Test: manual testing of interface related function works(tethering)
Change-Id: Ie1a1ac00c28ef914d62e7d75b0db8c2434c810d2
Use stable aidl generated structure instead of UidRange
Test: runtest frameworks-net passes
Test: manual testing of UidRange related function works
Change-Id: Iaf1c10777dc1e71df2be2a57533a10257b12626b
Based on some analysis, these fields/methods are likely false positives.
Set maxTargetSdk=P so that any apps using them are required to migrate off
them in future. See the bug for more details.
Exempted-From-Owner-Approval: Automatic changes to the codebase
affecting only @UnsupportedAppUsage annotations, themselves added
without requiring owners approval earlier.
Bug: 115609023
Test: m
Merged-In: I719b5c94e5b1f4fa562dd5d655953422958ad37e
Change-Id: I719b5c94e5b1f4fa562dd5d655953422958ad37e
(cherry picked from commit 8c854f86a4)
Require NETWORK_SETTINGS (or NETWORK_SETUP_WIZARD) instead of the
legacy CONNECTIVITY_INTERNAL permission. The users are as follows:
- The system callers (Phone, Settings, SystemUI, VrSettings) all
have NETWORK_SETTINGS.
- SetupWizard has NETWORK_SETUP_WIZARD
- sl4a has NETWORK_STACK
Bug: 115302596
Test: builds, boots, airplane mode via SystemUI works
Change-Id: I8ca40182bd8b5e3fd9a82296c0cc28de30ed4baf
To add skip464exlat in NetworkMisc.
NetworkAgent can skip to start 464xlat if need.
(e.g. IMS PDN for Cellular can be disabled)
Device will treat the network as IPv6-only if it is set
Bug: 69949375
Test: Nat464XlatTest, ConnectivityServiceTest
Change-Id: I676a02cb92530d64f29f34e89482a934f3ec4553
Currently, apps rely on querying NetworkInfo object to know
whether their network is blocked or not. There is no proactive
way to tell app when it is being blocked/unblocked. The only
event that app would receive is SocketException with
ECONNABORTED when their ongoing socket connection has been
blocked, which is not an elegant way to notify app.
Thus, this commit is trying to address this problem. Therefore,
with the uses of other callbacks, the need of
getState/getDetailedState in NetworkInfo could be completely
eliminated.
Test: runtest frameworks-net
runtest -x NetworkPolicyManagerServiceTest.java
cts-tradefed run cts -m CtsHostsideNetworkTests
cts-tradefed run cts -m CtsNetTestCases -t \
android.net.cts.ConnectivityManagerTest
Bug: 74575553
Change-Id: Iec96a3103d0aa9a505020eb89d69b89c0b694486
Expose ConnectivityManager#setAirplaneMode and the
NETWORK_SETUP_WIZARD permission so that SetupWizard can call
setAirplaneMode.
Delete setAirplaneMode from the greylist because the permissions
checks on it, since at least 2013, have been for a privileged
permission (CONNECTIVITY_INTERNAL) that normal apps don't have.
Test: m
Bug: 115302596
Change-Id: I28f24d32c4b4b386407e9e0e3514ea9f8854f4a8
Add log to ConnectivityManager for better investigations of issue.
This patch adds StackTrace to the following APIs.
reportInetCondition()
reportBadNetwork()
reportNetworkConnectivity()
sendRequestForNetwork()
requestNetwork()
releaseNetworkRequest()
registerNetworkCallback()
unregisterNetworkCallback()
Bug: 116751720
Change-Id: I992292cd9d6f3d69c91ddbde5577591f9ec0f39b
Several java files had the typo {#link (for cross-references to other
Javadocs) instead of the proper {@link format. This was confusing the
new doc publish tool (Mivi) since that's the format used for {# Django
comments #}.
Fixed a couple of links that had other errors (which prevented building
once the {# -> {@ was done) and other typos.
Replaced throughout the frameworks/base project; I'll need a separate CL
for the AndroidX fixes.
Staged to:
go/dac-stage/reference/android/app/Instrumentation.html
go/dac-stage/reference/android/bluetooth/BluetoothAdapter.html
go/dac-stage/reference/android/bluetooth/BluetoothDevice.html
go/dac-stage/reference/android/bluetooth/BluetoothServerSocket.html
go/dac-stage/reference/android/inputmethodservice/InputMethodService.html
go/dac-stage/reference/android/view/KeyCharacterMap.html
go/dac-stage/reference/android/view/KeyEvent.html
go/dac-stage/reference/android/media/AudioManager.html
go/dac-stage/reference/android/net/wifi/WifiConfiguration.html
(Other files were not in the public Javadocs.)
Bug: 111925950
Test: make ds-docs
Exempt-From-Owner-Approval: Docs-only change
Change-Id: Ia06e1fffd814671289a1caebd5962aedc18a28d7
Merged-In: Ia06e1fffd814671289a1caebd5962aedc18a28d7
Everything in the system should now be using proper multinetwork
APIs instead of this insecure and error-prone API.
Make this method do nothing when called by the system. For now,
keep the code around for backwards compatibility for apps
targeting Android releases before M.
Bug: 25824776
Bug: 25876485
Test: FrameworksNetTests pass
Test: CtsNetTestCasesLegacyApi22 pass
Test: CtsNetTestCasesLegacyPermission22 pass
Test: android.net.cts.ConnectivityManagerTest passes
Change-Id: I9b3557faccccc95c7b954db6a13b853b4c7edea0
Allow VPN apps to lookup the UID owner of a network connection.
Requires specifying the:
- IP address and port for both the source and destination of a TCP
connection.
- IP address and port for either source and destination or just
source for a UDP connection.
Only TCP and UDP protocols are supported. Only connections for UIDs
that apply to the calling VPN app will be resolved. This is intended
to replace direct app access to /proc/net/{tcp,tcp6,udp,udp6}.
The implementation uses netlink inet_diag sockets[1] to perform
the lookup on TCP sockets as well as UDP sockets when supported
(kernel has CONFIG_INET_UDP_DIAG=y).
[1] http://man7.org/linux/man-pages/man7/sock_diag.7.html
Bug: 9496886
Bug: 109758967
Test: atest HostsideVpnTests
Test: atest InetDiagSocketTest on Taimen with CONFIG_INET_UDP_DIAG
and on Sailfish without CONFIG_INET_UDP_DIAG.
Change-Id: I2bbc7072dd091e2e653dadf6dc05024c04180f34
