* changes:
DO NOT MERGE Fixes in comments for NetworkEvent, DnsEvent and ConnectEvent
DO NOT MERGE Fix Lint errors for network logging API
DO NOT MERGE Logging when the new batch of network logs broadcast is sent to DO
DO NOT MERGE Disable DO single user features when clearDeviceOwner() is called regardless of the amount of users
DO NOT MERGE Fix disabling DO single user features when clearDeviceOwner() is called
DO NOT MERGE [DPM] Minor code fixes in NetworkLoggingHandler
DO NOT MERGE [DPM] DO uses batch token to retrieve network logs, and can retrieve the same batch many times
DO NOT MERGE [DPM] Management and retrieval of network logs
DO NOT MERGE [DPM] DO can start network logging and listen for events
If multiple async shared preferences writes are queued, all but the
last one can be ignored as they will be overwritten by the last one
anyway.
For commit() we need to make sure that we have at least persisted the
state of the commit.
Generation counts are 64 bit, hence they never overflow.
Test: Produced a lot of SharedPreferences.Editor.apply and did not see
excessive writes anymore, ran SharedPreferences CTS tests
Bug: 33385963
Change-Id: I3968ed4b71befee6eeb90bea1666a0bb646544f6
To understand this change it's first helpful to review Toasts.
The ViewRoot is constructed on the client side, but it's added,
to a window token controlled by the NotificationManagerService.
When we call NotificationManagerService#cancelToast, the system
will remove this window token. With the window token removed,
the WindowManager needs to destroy the surface to prevent orphaned
windows. If we destroy the Surface before removing the toast on the
client side however, we've never asked the ViewRoot to stop rendering
and we could have a crash. To solve this we just have to ensure we call
removeView before cancelToast.
Bug: 31547288
Bug: 30150688
Change-Id: I96672b0ac07ff18e9f51348f2ed42913c5a5226f
Test: the APIs will be tested by CTS when unhidden
Bug: 29748723
(cherry picked from commit da9d3ad3ac)
Change-Id: Iaff05eb6d4a2fd12e0271c703d694ecfc0dc9a17
the same batch many times
This allows DO to:
a) know that some logs were dropped (by trying with token and not
getting anything)
b) know how many logs were there in each batch (useful especially
for the dropped ones)
c) retry batch retrieval if it failed
Test: will be CTS tested once APIs unhidden
Bug: 29748723
(cherry picked from commit a9ff206af2)
Change-Id: Iac10e61cdf3b100719a9c029ff897bd5ef5c8e2f
This CL follows up on ag/1530343 and adds:
1) Various network events.
2) Retrieval method in DPM and APIs in DeviceAdminReceiver.
3) Extension of NetworkLogger and it's NetworkLoggingHandler.
Test: runtest --path frameworks/base/services/tests/servicestests/src/com/android/server/devicepolicy/NetworkEventTest.java
Bug: 29748723
Change-Id: I42a1a477e7c75c109a3982f809c22732b814e8b2
This CL adds:
1) Setter and getter in DPM to manipulate logging switch (retrieval
method to come in a subsequent CL(s)).
2) A way for DPM to register to listen for events.
3) Skeleton of NetworkLogger class (more to come in subsequent CL(s)).
Bug: 29748723
Change-Id: I5c04662ccc6febd2ba294b0eaca1ed1da9c16e47
This patch uses the previously introduced TokenBucket to rate limit
ApfProgramEvents, still allowing for burst of ApfProgramEvents when a
new interface is set up (due to ipv4 provisioning, multicast lock, ipv6 RAs
triggering new APF program events in short amounts of time).
Test: new test in IpConnectivityMetricsTest
Bug: 1550402
(cherry picked from commit e1c173d224)
Change-Id: Ibe41e9a76db36ea502697a5f19fc0d91c40a3087
Test: IpConnectivityMetricsTest passes. Also manually changed the new
setting and verified the buffer size is as expected after flushing the
buffer.
Bug: 32198637
(cherry pick from commit 05686dbb6b)
Change-Id: Ie7ca1638533479601c5983bb6e54705003561b6c
* changes:
DO NOT MERGE NetworkMonitor: send one DNS probe per web probe
DO NOT MERGE NetworkMonitor metrics: add first validation information
DO NOT MERGE Captive portal systel log improvements
UserManager.isUserUnlocked/isUserRunning/isUserUnlockingOrUnlocked now
return state from UMS.mUserStates that is pushed from ActivityManager.
Test: create managed profile using TestDPC and check Launcher3
Test: manually create unstarted managed profile and check launchers
Bug: 33232933
Change-Id: I6b619ba1880188eabdd6e3e4cc7eb60d3a22a977
This patch adds first validation information to:
- ValidationProbeEvent, by extending the probe_type int field of to
also include a bit indicating if the probe was part of a first
validation attempt or not.
- NetworkMonitorEvent, by defining new contants for the event_type
field.
Test: $ runtest frameworks-net
+ manually generating events and inspecting the
output of $ adb shell dumpsys connmetrics list
Bug: b/32198726
(cherry picked from commit 147aa6d53b)
Change-Id: I7ed954dee006f8804a5bf8940eec180714bddd07
MemoryIntArray was using the size of the undelying
ashmem region to mmap the data but the ashmem size
can be changed until the former is memory mapped.
Since we use the ashmem region size for boundary
checking and memory unmapping if it does not match
the size used while mapping an attacker can force
the system to unmap memory or to access undefined
memory and crash.
Also we were passing the memory address where the
ashmem region is mapped in the owner process to
support cases where the client can pass back the
MemoryIntArray instance. This allows an attacker
to put invalid address and cause arbitrary memory
to be freed.
Now we no longer support passing back the instance
to the owner process (the passed back instance is
read only), so no need to pass the memory adress
of the owner's mapping, thus not allowing freeing
arbitrary memory.
Further, we now check the memory mapped size against
the size of the underlying ashmem region after we do
the memory mapping (to fix the ahsmem size) and if
an attacker changed the size under us we throw.
Tests: Updated the tests and they pass.
bug:33039926
bug:33042690
Change-Id: Ibf56827209a9b791aa83ae679219baf829ffc2ac
MemoryIntArray was using the size of the undelying
ashmem region to mmap the data but the ashmem size
can be changed until the former is memory mapped.
Since we use the ashmem region size for boundary
checking and memory unmapping if it does not match
the size used while mapping an attacker can force
the system to unmap memory or to access undefined
memory and crash.
Also we were passing the memory address where the
ashmem region is mapped in the owner process to
support cases where the client can pass back the
MemoryIntArray instance. This allows an attacker
to put invalid address and cause arbitrary memory
to be freed.
Now we no longer support passing back the instance
to the owner process (the passed back instance is
read only), so no need to pass the memory adress
of the owner's mapping, thus not allowing freeing
arbitrary memory.
Further, we now check the memory mapped size against
the size of the underlying ashmem region after we do
the memory mapping (to fix the ahsmem size) and if
an attacker changed the size under us we throw.
Tests: Updated the tests and they pass.
bug:33039926
bug:33042690
Change-Id: I1004579181ff7a223ef659e85c46100c47ab2409
MemoryIntArray was using the size of the undelying
ashmem region to mmap the data but the ashmem size
can be changed until the former is memory mapped.
Since we use the ashmem region size for boundary
checking and memory unmapping if it does not match
the size used while mapping an attacker can force
the system to unmap memory or to access undefined
memory and crash.
Also we were passing the memory address where the
ashmem region is mapped in the owner process to
support cases where the client can pass back the
MemoryIntArray instance. This allows an attacker
to put invalid address and cause arbitrary memory
to be freed.
Now we no longer support passing back the instance
to the owner process (the passed back instance is
read only), so no need to pass the memory adress
of the owner's mapping, thus not allowing freeing
arbitrary memory.
Further, we now check the memory mapped size against
the size of the underlying ashmem region after we do
the memory mapping (to fix the ahsmem size) and if
an attacker changed the size under us we throw.
Tests: Updated the tests and they pass.
bug:33039926
bug:33042690
Change-Id: Id7f0e8a4c861b0b9fa796767e0c22d96633b14d1
