
Commit 479c0769 authored by Pavel Grafov's avatar Pavel Grafov Committed by Gerrit Code Review

Merge "Add API for VPN apps to query always-on and lockdown."

parents 3b887bdf cb3b895f
+2 −0
@@ -27766,6 +27766,8 @@ package android.net {
  public class VpnService extends android.app.Service {
    ctor public VpnService();
    method public final boolean isAlwaysOn();
    method public final boolean isLockdownEnabled();
    method public android.os.IBinder onBind(android.content.Intent);
    method public void onRevoke();
    method public static android.content.Intent prepare(android.content.Context);
+2 −0
@@ -187,4 +187,6 @@ interface IConnectivityManager
    byte[] getNetworkWatchlistConfigHash();

    int getConnectionOwnerUid(in ConnectionInfo connectionInfo);
    boolean isCallerCurrentAlwaysOnVpnApp();
    boolean isCallerCurrentAlwaysOnVpnLockdownApp();
}
+23 −0
@@ -367,6 +367,29 @@ public class VpnService extends Service {
        }
    }

    /**
     * Returns whether the service is running in always-on VPN mode.
     */
    public final boolean isAlwaysOn() {
        try {
            return getService().isCallerCurrentAlwaysOnVpnApp();
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
        }
    }

    /**
     * Returns whether the service is running in always-on VPN mode blocking connections without
     * VPN.
     */
    public final boolean isLockdownEnabled() {
        try {
            return getService().isCallerCurrentAlwaysOnVpnLockdownApp();
        } catch (RemoteException e) {
            throw e.rethrowFromSystemServer();
        }
    }

    /**
     * Return the communication interface to the service. This method returns
     * {@code null} on {@link Intent}s other than {@link #SERVICE_INTERFACE}
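Review bot: The Javadoc on `isAlwaysOn()` and `isLockdownEnabled()` never says what a `false` result means, and it can mean more than "the setting is off". On the ConnectivityService side of this commit both calls go through `getVpnIfOwner()`, which gives up when the user has no Vpn, when `getVpnInfo()` is null (the comment removed there says this is the case while the VPN is not connected), or when the owner uid is not the caller. A VPN app that reads `false` from `isLockdownEnabled()` as "traffic outside the tunnel is allowed" would be drawing a conclusion the API does not support. I would add to each method something like `@return {@code true} only if the caller is the currently connected VPN for its user and the mode is enabled; {@code false} otherwise, including when the caller is not connected`. The Javadoc block at the end of this section continues outside the hunk.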
+33 −7
@@ -6346,6 +6346,20 @@ public class ConnectivityService extends IConnectivityManager.Stub
        }
    }

    @GuardedBy("mVpns")
    private Vpn getVpnIfOwner() {
        final int uid = Binder.getCallingUid();
        final int user = UserHandle.getUserId(uid);

        final Vpn vpn = mVpns.get(user);
        if (vpn == null) {
            return null;
        } else {
            final VpnInfo info = vpn.getVpnInfo();
            return (info == null || info.ownerUid != uid) ? null : vpn;
        }
    }

    /**
     * Caller either needs to be an active VPN, or hold the NETWORK_STACK permission
     * for testing.
@@ -6354,14 +6368,10 @@ public class ConnectivityService extends IConnectivityManager.Stub
        if (checkNetworkStackPermission()) {
            return null;
        }
        final int uid = Binder.getCallingUid();
        final int user = UserHandle.getUserId(uid);
        synchronized (mVpns) {
            Vpn vpn = mVpns.get(user);
            try {
                if (vpn.getVpnInfo().ownerUid == uid) return vpn;
            } catch (NullPointerException e) {
                /* vpn is null, or VPN is not connected and getVpnInfo() is null. */
            Vpn vpn = getVpnIfOwner();
            if (vpn != null) {
                return vpn;
            }
        }
        throw new SecurityException("App must either be an active VPN or have the NETWORK_STACK "
@@ -6390,4 +6400,20 @@ public class ConnectivityService extends IConnectivityManager.Stub

        return uid;
    }

    @Override
    public boolean isCallerCurrentAlwaysOnVpnApp() {
        synchronized (mVpns) {
            Vpn vpn = getVpnIfOwner();
            return vpn != null && vpn.getAlwaysOn();
        }
    }

    @Override
    public boolean isCallerCurrentAlwaysOnVpnLockdownApp() {
        synchronized (mVpns) {
            Vpn vpn = getVpnIfOwner();
            return vpn != null && vpn.getLockdown();
        }
    }
}
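Review bot: `getVpnIfOwner()` reads `Binder.getCallingUid()` internally, so its ownership check is only meaningful on the incoming binder call before any `Binder.clearCallingIdentity()`, and nothing on the method says so. The `@GuardedBy("mVpns")` annotation documents the lock but not this identity requirement, nor that a null return covers three different cases (no Vpn for the user, no `VpnInfo`, owner uid mismatch). A short header would keep a later caller from invoking it after the identity has been cleared and comparing against the wrong uid: `/** Returns the caller's Vpn if the calling uid owns the VPN reported by getVpnInfo() for its user, else null. Call with mVpns held and before clearing the calling identity. */`. The method changed in the second hunk starts outside that hunk.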
+10 −5
@@ -60,7 +60,6 @@ import android.net.NetworkMisc;
import android.net.NetworkUtils;
import android.net.RouteInfo;
import android.net.UidRange;
import android.net.Uri;
import android.net.VpnService;
import android.os.Binder;
import android.os.Build.VERSION_CODES;
@@ -71,7 +70,6 @@ import android.os.INetworkManagementService;
import android.os.Looper;
import android.os.Parcel;
import android.os.ParcelFileDescriptor;
import android.os.PatternMatcher;
import android.os.Process;
import android.os.RemoteException;
import android.os.SystemClock;
@@ -100,6 +98,8 @@ import com.android.server.DeviceIdleController;
import com.android.server.LocalServices;
import com.android.server.net.BaseNetworkObserver;

import libcore.io.IoUtils;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
@@ -121,8 +121,6 @@ import java.util.SortedSet;
import java.util.TreeSet;
import java.util.concurrent.atomic.AtomicInteger;

import libcore.io.IoUtils;

/**
 * @hide
 */
@@ -346,10 +344,17 @@ public class Vpn {
     *
     * @return {@code true} if VPN lockdown is enabled.
     */
    public boolean getLockdown() {
    public synchronized boolean getLockdown() {
        return mLockdown;
    }

    /**
     * Returns whether VPN is configured as always-on.
     */
    public synchronized boolean getAlwaysOn() {
        return mAlwaysOn;
    }

    /**
     * Checks if a VPN app supports always-on mode.
     *
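Review bot: `getAlwaysOn()` is documented without an `@return` tag although `getLockdown()` directly above it has one, and neither getter explains why it is now `synchronized`. The new callers in ConnectivityService in this commit invoke both while holding `mVpns`, so the lock order is `mVpns` first and the Vpn monitor second. Stating that order keeps a later change from taking the two locks in reverse. I would add `@return {@code true} if VPN is configured as always-on.` and a line such as `// Lock order: ConnectivityService.mVpns, then this.` above the getters. The Javadoc that closes this section continues outside the hunk.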