When someone tries to revoke packageA, it is possible that packageA is
already revoked by packageB. In this case packageB should not be revoked,
and the new prepare() can help solve this problem.
Change-Id: Iee056a191dd99467b8ad1b5379a17b02d404bad1
Both stats and policy make NMS calls that depend on bandwidth control
being enabled, so move enable/disable into NMS and drop calls when
disabled. This avoids throwing heavy ISE exceptions when disabled.
Only include recent data when writing NetworkStatsHistory as part of
dumpsys call. Introduce manual poll event for Settings UI.
Bug: 4982115, 4770435, 4515856
Change-Id: I257820b057af2f0f99c736fb4f61e55b9fdc3e66
Connect up netd penalty box through NMS, and enforce the existing
background data flag by putting all UIDs in penalty box. Allow
platform applications to have policy applied. Only dispatch unique
rules to netd, avoiding any repeats.
Bug: 4598463, 4965677
Change-Id: Ibf9beff998ba7a1ea92f5e2f7eeba7b483d4b918
Change NMS parsing to handle extended /proc/ stats formats by pairing
values with header keys. Move TrafficStats to integer tags to match
kernel internals, and offer well-known tags for system services.
Async policy event dispatch from NPMS, and update tests to block for
event dispatch. Narrow app policy to exclude apps signed with system
key, which are usually critical.
Bug: 4948913, 4903489, 4585280
Change-Id: Idb357227ccaa617906411f309371cea18d7bc519
b/2689122 SSL error shows the wrong page when triggered by an image/javascript in the page.
This change receives the URL which has a cert error from webkit and carrys it in SslError.
so the Browser app can show the URL in the dialog boxes. Related CLs are:
webkit: https://android-git.corp.google.com/g/#change,117817
browser: https://android-git.corp.google.com/g/#change,117835
Change-Id: I65c3f038a48b6386fa93cb25a9ef70dbfb982c18
After unreverting the linkstate change patch, hook up notification handlers
that didn't exist when the first patch was created, like
EthernetDataTracker.java and Vpn.java.
For the observers that handle interfaceStatusChanged(), I made
interfaceLinkStatusChanged() call it so they both do the same thing.
Change-Id: I0077e5e5f48f3932ba98f5bf363243892f2de6cc
Signed-off-by: Mike J. Chen <mjchen@google.com>
This reverts commit 1a7e671902.
Bring back the changes from Stan Chesnutt regarding link-status-change
notifications. The comment from the original patch was:
Propagate new link-status-change message to any NetworkManagementService
observers. Also fix the syntax of the "interface-status-change" message. Add
a null handler in the ThrottleService and Tethering classes (plus fix names).
Change-Id: I42cbed692024de32275cad234f42ff23ab7e9d8d
Signed-off-by: Mike J. Chen <mjchen@google.com>
DHCP renewal can finish pretty quick most times and holding
a timed wakelock wastes battery.
Hold a non-reference counted lock and release it immediate
while having the safety of a 40s release
Bug: 4575773
Change-Id: I49d2e8c27b2723690aef26417c4b9a145843a401
Used to use iface names, but on mobile ifaces are multipurpose.
Refined to use ConnectivityService types.
bug:4530116
Change-Id: Iaa632d5f540d27ffff683bd7d94f8004bf422e71
And correctly upgrade NetworkIdentitySet written to disk, assuming
that old values aren't roaming.
Bug: 4724762
Change-Id: Ic25897ebbaf43be2390174d8e5fd08386bc8a345
Now stores tags other than TAG_NONE (0x0), which are useful for app
debugging. Combine UID and tag together into single long key, and
expose tag data through AIDL when requested. Change NMS to track
TAG_NONE as total UID traffic, matching the kernel definition.
Added TAG_MAX_HISTORY to control how long tag-granularity statistics
are stored; overall UID usage is still kept for UID_MAX_HISTORY. Fix
bug to trim NetworkStatsHistory outside normal polling loops to catch
non-active networks and UIDs.
Test to verify UID and tag packing, and to verify that UID traffic on
two networks are combined to match MOBILE_ALL template.
Change-Id: If0e039416d9e7f63b1a39e04cddfb1133b5a78ee
When UID_REMOVED, clean up any existing UID network policy so it
doesn't linger for future apps. Also move any NetworkStatsHistory
to special UID_REMOVED tracking bucket.
Tests for new removal code. Also test detailed UID stats, including
network changes to verify template matching logic.
Bug: 4584212
Change-Id: I9faadf6b6f3830eb45d86c7f1980a27cdbcdb11e
Teach NMS to read qtaguid stats from kernel, but fall back to older
stats when kernel doesn't support. Add "tags" to NetworkStats entries
to support qtaguid. To work around double-reporting bug, subtract
tagged stats from TAG_NONE entry.
Flesh out stronger NetworkTemplate. All NetworkStatsService requests
now require a template, and moved matching logic into template.
Record UID stats keyed on complete NetworkIdentitySet definition,
similar to how interface stats are stored. Since previous UID stats
didn't have iface breakdown, discard during file format upgrade.
Change-Id: I0447b5e7d205d73d28e71c889c568e536e91b8e4
Currently, kernel definition of metered networks is applied at the
interface level. This change maintain list of those metered ifaces
and notifies policy listeners, like ConnectivityService. (This gives
us a consistent picture of when a network would be blocked.)
Bug: 4601393
Change-Id: I277d5ca96ab967a1c1c3f1da8f9587557cd6d74c
Handful of DownloadManager flags to record when a download was paused
because of NetworkPolicyManager rules.
Change-Id: I99fc47f529cb6c8a42dbeca049e0cd0f1556eac4
If you do it before you have a race condition and some apps will
manage to reconnect on the dieing network before it goes and then
get no notification when it goes.
bug: 3408025
Change-Id: I5386ff313c759b3f687bc38731454ab43dbe76b8
Note that VpnConfig is for internal use only.
Also remove hidden methods from ConnectivityManager.
Change-Id: Ic298c4dc9a2c6c452bd8f4be6fa84e7ac489c0c4
When launching warning/limit UI, include the template that triggered
the notification. Also move actions and extra into contract class.
Change-Id: Id2e63fd2d2e36a137a3fd8f889c7256038ca5f2e
Watch for network statistics to cross NetworkPolicy warning or limit,
and show notifications to user as needed. Currently checks during
any statistics update, but will eventually move to event registration
through netd when kernel supports.
Fixed accounting bug in getSummaryForNetwork(). Only apply UID policy
to applications; applying to system processes could break critical
services like RIL.
Change-Id: Iac0f20e910e205f3cbc54ec96395ff268b1aa379
Devices with always present wired ethernet interfaces (as opposed
to usb ethernet dongles) don't have the interface added and removed.
Instead, it is present already at boot time. Change EthernetDataTracker
to support the already existing at boot time case.
Change-Id: I7b8e938f6b07aabd14f00ace55b35b7a05ea5a38
Signed-off-by: Mike J. Chen <mjchen@google.com>
The improved keystore will allow clients (Email not the least of them)
to establish SSL connections using custom client certificates. In order
to do this properly, the socket factories they use to establish these
connections need to be able to customize their behavior.
Change-Id: I6e0fa04dd01bd6481dfdad5a71a63e0371d0ad8c
Instead of embedding complex template coexistence rules into policy
service, rely on external editors to enforce, and offer atomic
get/set operations for full policy sets.
Generate default mobile policy when none exists, using default of 4GB
warning and cycle reset of current day. Dispatch listener events
through Handler when holding internal lock, and catch CLASS_UNKNOWN
networks in 3G_LOWER template.
Change-Id: I063cf1eaf330e32b75d0697b89fc04488e6dfaea
