mUids is not marshalled correctly when null so if the
NetworkAgent runs in another process and is not a VPN then
the system will see its allowed Uids as being the empty
list (= nobody can use this network) instead of a null
list (= everybody can use this network). This breaks
emulator networking.
Bug: 72436966
Test: runtests frameworks-net
Test: also manual testing, this does fix emulator networking
and seems not to break phone networking
Change-Id: Id2bbf3808e80b19cd055c832c11cf72372710942
The lifecycle of Keepalive offloading is, unfortunately
different from that of an IpSecTransform. Because starting
a keepalive is fundamentally asynchronous, and isn't valid
until after a transform exists, it will now be a separate
optional procedure that may succeed or fail. It remains
linked with a Transform by the need for a Transform to exist
in order to initiate a Keepalive.
Bug: 38350389
Test: compilation
Change-Id: Ia76fccee41f86d694dff436043293d0c0762c041
For now, system apps will be exempt from hidden API access checks.
Pass the appropriate flag to dexopt.
Test: manual
Bug: 64382372
Bug: 72305689
Merged-In: I5676ffa3a5ba680bf5f6bab0b62f0acf4a933097
Change-Id: Idc3067d2c6040f15fe0f051090ba45efe591ebae
This change adds one KernelResourceRecord type (TunnelInterfaceRecord),
and adds methods for the creation of TunnelInterfaces, as well as the
application of Transforms to the given TunnelInterfaces
As part of the generation of ikeys/okeys, a ReserveKeyTracker manages a
java bitset to avoid collisions and reserve/release keys.
Bug: 63588681
Test: Compiles, CTS, unit tests all pass on AOSP_marlin
Change-Id: I9e9b6455e27073acd4491eae666aa966b3b10e0f
* changes:
Let network requests see VPNs.
Move constants into a new file.
Make sure listen requests from VPN apps see their own networks
Add a test for new UID checking code.
Remove UID_RANGES_ADDED and REMOVED.
Move VPN allowed UIDs into NetworkCapabilities.
Pre-import to remove a conflict.
This will enable running experiments to determine the
effects on battery life of changing these values.
Bug: 71765044
Test: Just adding a key value here. This is basically a no-op.
Change-Id: I33a0b2da6e793ef508d020a3c2d321d5553c3fb1
Simple change to expose systemAPI for applyTunnelModeTransform
Bug: 36033193
Test: All CTS, unit tests passing
Change-Id: I2d857c048bc0dc80c3949387f946b1f5adf0527e
Test: runtest frameworks-net
Test: CTS pass, including with the next patch which is what this
actually matters for
Change-Id: I09a94042acbefa24ab884f95326e30d6ab280b82
Test: runtest frameworks-net
Test: also new specific tests for this new code
Test: also tested with VPN app
Test: also cts passing
Change-Id: If0311bae2bf99dedac959febadecf4f92f3064b8
This will allow data usage clients to query for and receive
callbacks on data usage matching these conditions.
Bug: 35142602
Test: atest FrameworksNetTests
Change-Id: I4d985a2734eeab7ee454c09cc2098b6b3c671c23
Merged-In: I4d985a2734eeab7ee454c09cc2098b6b3c671c23
This is in its own commit because AOSP has diverged from internal
master.
Bug: 35142602
Test: builds, boots
Change-Id: I75fc85b961bc919e3d6c2adce6d6861c6f2c8379
Merged-In: I75fc85b961bc919e3d6c2adce6d6861c6f2c8379
Currently, NetworkStatsManager queries and callbacks only allow
selecting network traffic based on network identifiers:
networkType, subscriptionId and networkId. The code ends up
converting these into a template under the hood.
Now that templates can express more fine-grained queries (e.g.,
select only roaming traffic, or select only traffic that's not
on the default network) add a hidden method to pass in a
template. This should have no security implications, as all the
access controls are performed in NetworkStatsService.
Bug: 35142602
Test: android.app.usage.cts.NetworkUsageStatsTest passes
Change-Id: Iab4afa26b34544299d2a9c501c1b0feb470e90a9
Merged-In: Iab4afa26b34544299d2a9c501c1b0feb470e90a9
This allows an app using the public API to know whether the
traffic in a particular bucket was on the default network
(i.e., the network was selected by the system), or not (i.e.,
the network was selected by the app).
Bug: 35142602
Test: builds, boots
Test: added coverage to NetworkUsageStatsTest CTS test, still passes
Change-Id: I9f6669908fa119743b9c0aa0c31a03e5ebafa7db
Merged-In: I9f6669908fa119743b9c0aa0c31a03e5ebafa7db
When the libcutils constant was added there a merge conflict, which
caused the AID_WEBVIEW_ZYGOTE value to land with a different value than
the Java-side Process value. Nothing yet uses the Process constant, so
there were no ill effects.
Test: m
Change-Id: I8cc87bce1ddbdcdaf79d85c828d86837e96cce21
The only caller is telephony code, and it's being fixed in this
topic.
Bug: 35142602
Test: builds, boots
Change-Id: Ia77a1c2c297037f311c2355610c206cd8e3192c4
CreateTransportModeTransform and DeleteTransportModeTransform are both
agnostic as far as which mode of transform it creates/deletes. As such,
to facilitate the implementation of tunnel mode, this patch renames them
to CreateTransform and DeleteTransform, along with all test names.
Bug: 63588681
Test: frameworks/base unit tests and CTS tests run, passed
Change-Id: I1f015eb7ad0e85fca966658a9402485ca2b44091
