Loading core/java/android/net/NetworkCapabilities.java +1 −0 Original line number Original line Diff line number Diff line Loading @@ -619,6 +619,7 @@ public final class NetworkCapabilities implements Parcelable { case NET_CAPABILITY_NOT_RESTRICTED: capabilities += "NOT_RESTRICTED"; break; case NET_CAPABILITY_NOT_RESTRICTED: capabilities += "NOT_RESTRICTED"; break; case NET_CAPABILITY_TRUSTED: capabilities += "TRUSTED"; break; case NET_CAPABILITY_TRUSTED: capabilities += "TRUSTED"; break; case NET_CAPABILITY_NOT_VPN: capabilities += "NOT_VPN"; break; case NET_CAPABILITY_NOT_VPN: capabilities += "NOT_VPN"; break; case NET_CAPABILITY_VALIDATED: capabilities += "VALIDATED"; break; } } if (++i < types.length) capabilities += "&"; if (++i < types.length) capabilities += "&"; } } Loading services/core/java/com/android/server/ConnectivityService.java +29 −38 Original line number Original line Diff line number Diff line Loading @@ -1071,23 +1071,6 @@ public class ConnectivityService extends IConnectivityManager.Stub } } } } private NetworkCapabilities getNetworkCapabilitiesAndValidation(NetworkAgentInfo nai) { if (nai != null) { synchronized (nai) { if (nai.created) { NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities); if (nai.lastValidated) { nc.addCapability(NET_CAPABILITY_VALIDATED); } else { nc.removeCapability(NET_CAPABILITY_VALIDATED); } return nc; } } } return null; } @Override @Override public NetworkCapabilities[] getDefaultNetworkCapabilitiesForUser(int userId) { public NetworkCapabilities[] getDefaultNetworkCapabilitiesForUser(int userId) { // The basic principle is: if an app's traffic could possibly go over a // The basic principle is: if an app's traffic could possibly go over a Loading @@ -1109,7 +1092,7 @@ public class ConnectivityService extends IConnectivityManager.Stub HashMap<Network, NetworkCapabilities> result = new HashMap<Network, NetworkCapabilities>(); HashMap<Network, NetworkCapabilities> result = new HashMap<Network, NetworkCapabilities>(); NetworkAgentInfo nai = getDefaultNetwork(); NetworkAgentInfo nai = getDefaultNetwork(); NetworkCapabilities nc = getNetworkCapabilitiesAndValidation(getDefaultNetwork()); NetworkCapabilities nc = getNetworkCapabilitiesInternal(nai); if (nc != null) { if (nc != null) { result.put(nai.network, nc); result.put(nai.network, nc); } } Loading @@ -1122,9 +1105,9 @@ public class ConnectivityService extends IConnectivityManager.Stub if (networks != null) { if (networks != null) { for (Network network : networks) { for (Network network : networks) { nai = getNetworkAgentInfoForNetwork(network); nai = getNetworkAgentInfoForNetwork(network); nc = getNetworkCapabilitiesAndValidation(nai); nc = getNetworkCapabilitiesInternal(nai); if (nc != null) { if (nc != null) { result.put(nai.network, nc); result.put(network, nc); } } } } } } Loading Loading @@ -1184,24 +1167,23 @@ public class ConnectivityService extends IConnectivityManager.Stub return null; return null; } } @Override private NetworkCapabilities getNetworkCapabilitiesInternal(NetworkAgentInfo nai) { public NetworkCapabilities getNetworkCapabilities(Network network) { enforceAccessPermission(); NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network); if (nai != null) { if (nai != null) { synchronized (nai) { synchronized (nai) { NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities); if (nai.networkCapabilities != null) { if (nai.lastValidated) { return new NetworkCapabilities(nai.networkCapabilities); nc.addCapability(NET_CAPABILITY_VALIDATED); } else { nc.removeCapability(NET_CAPABILITY_VALIDATED); } } return nc; } } } } return null; return null; } } @Override public NetworkCapabilities getNetworkCapabilities(Network network) { enforceAccessPermission(); return getNetworkCapabilitiesInternal(getNetworkAgentInfoForNetwork(network)); } @Override @Override public NetworkState[] getAllNetworkState() { public NetworkState[] getAllNetworkState() { // Require internal since we're handing out IMSI details // Require internal since we're handing out IMSI details Loading Loading @@ -1966,11 +1948,14 @@ public class ConnectivityService extends IConnectivityManager.Stub } } case NetworkMonitor.EVENT_NETWORK_TESTED: { case NetworkMonitor.EVENT_NETWORK_TESTED: { NetworkAgentInfo nai = (NetworkAgentInfo)msg.obj; NetworkAgentInfo nai = (NetworkAgentInfo)msg.obj; if (isLiveNetworkAgent(nai, "EVENT_NETWORK_VALIDATED")) { if (isLiveNetworkAgent(nai, "EVENT_NETWORK_TESTED")) { boolean valid = (msg.arg1 == NetworkMonitor.NETWORK_TEST_RESULT_VALID); final boolean valid = (msg.arg1 == NetworkMonitor.NETWORK_TEST_RESULT_VALID); final boolean validationChanged = (valid != nai.lastValidated); nai.lastValidated = valid; nai.lastValidated = valid; if (valid) { if (valid) { if (DBG) log("Validated " + nai.name()); if (DBG) log("Validated " + nai.name()); nai.networkCapabilities.addCapability(NET_CAPABILITY_VALIDATED); if (!nai.everValidated) { if (!nai.everValidated) { nai.everValidated = true; nai.everValidated = true; rematchNetworkAndRequests(nai, NascentState.JUST_VALIDATED, rematchNetworkAndRequests(nai, NascentState.JUST_VALIDATED, Loading @@ -1978,6 +1963,8 @@ public class ConnectivityService extends IConnectivityManager.Stub // If score has changed, rebroadcast to NetworkFactories. b/17726566 // If score has changed, rebroadcast to NetworkFactories. b/17726566 sendUpdatedScoreToFactories(nai); sendUpdatedScoreToFactories(nai); } } } else { nai.networkCapabilities.removeCapability(NET_CAPABILITY_VALIDATED); } } updateInetCondition(nai); updateInetCondition(nai); // Let the NetworkAgent know the state of its network // Let the NetworkAgent know the state of its network Loading @@ -1986,8 +1973,9 @@ public class ConnectivityService extends IConnectivityManager.Stub (valid ? NetworkAgent.VALID_NETWORK : NetworkAgent.INVALID_NETWORK), (valid ? NetworkAgent.VALID_NETWORK : NetworkAgent.INVALID_NETWORK), 0, null); 0, null); // TODO: trigger a NetworkCapabilities update so that the dialog can know if (validationChanged) { // that the network is now validated and close itself. notifyNetworkCallbacks(nai, ConnectivityManager.CALLBACK_CAP_CHANGED); } } } break; break; } } Loading Loading @@ -3569,8 +3557,7 @@ public class ConnectivityService extends IConnectivityManager.Stub } } private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities) { private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities) { if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) == false) { == false) { enforceConnectivityInternalPermission(); enforceConnectivityInternalPermission(); } else { } else { enforceChangePermission(); enforceChangePermission(); Loading @@ -3597,8 +3584,7 @@ public class ConnectivityService extends IConnectivityManager.Stub private void enforceMeteredApnPolicy(NetworkCapabilities networkCapabilities) { private void enforceMeteredApnPolicy(NetworkCapabilities networkCapabilities) { // if UID is restricted, don't allow them to bring up metered APNs // if UID is restricted, don't allow them to bring up metered APNs if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED) if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED) == false) { == false) { final int uidRules; final int uidRules; final int uid = Binder.getCallingUid(); final int uid = Binder.getCallingUid(); synchronized(mRulesLock) { synchronized(mRulesLock) { Loading Loading @@ -3969,6 +3955,11 @@ public class ConnectivityService extends IConnectivityManager.Stub synchronized (networkAgent) { synchronized (networkAgent) { networkAgent.networkCapabilities = networkCapabilities; networkAgent.networkCapabilities = networkCapabilities; } } if (networkAgent.lastValidated) { networkAgent.networkCapabilities.addCapability(NET_CAPABILITY_VALIDATED); // There's no need to remove the capability if we think the network is unvalidated, // because NetworkAgents don't set the validated capability. } rematchAllNetworksAndRequests(networkAgent, networkAgent.getCurrentScore()); rematchAllNetworksAndRequests(networkAgent, networkAgent.getCurrentScore()); notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_CAP_CHANGED); notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_CAP_CHANGED); } } Loading Loading
core/java/android/net/NetworkCapabilities.java +1 −0 Original line number Original line Diff line number Diff line Loading @@ -619,6 +619,7 @@ public final class NetworkCapabilities implements Parcelable { case NET_CAPABILITY_NOT_RESTRICTED: capabilities += "NOT_RESTRICTED"; break; case NET_CAPABILITY_NOT_RESTRICTED: capabilities += "NOT_RESTRICTED"; break; case NET_CAPABILITY_TRUSTED: capabilities += "TRUSTED"; break; case NET_CAPABILITY_TRUSTED: capabilities += "TRUSTED"; break; case NET_CAPABILITY_NOT_VPN: capabilities += "NOT_VPN"; break; case NET_CAPABILITY_NOT_VPN: capabilities += "NOT_VPN"; break; case NET_CAPABILITY_VALIDATED: capabilities += "VALIDATED"; break; } } if (++i < types.length) capabilities += "&"; if (++i < types.length) capabilities += "&"; } } Loading
services/core/java/com/android/server/ConnectivityService.java +29 −38 Original line number Original line Diff line number Diff line Loading @@ -1071,23 +1071,6 @@ public class ConnectivityService extends IConnectivityManager.Stub } } } } private NetworkCapabilities getNetworkCapabilitiesAndValidation(NetworkAgentInfo nai) { if (nai != null) { synchronized (nai) { if (nai.created) { NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities); if (nai.lastValidated) { nc.addCapability(NET_CAPABILITY_VALIDATED); } else { nc.removeCapability(NET_CAPABILITY_VALIDATED); } return nc; } } } return null; } @Override @Override public NetworkCapabilities[] getDefaultNetworkCapabilitiesForUser(int userId) { public NetworkCapabilities[] getDefaultNetworkCapabilitiesForUser(int userId) { // The basic principle is: if an app's traffic could possibly go over a // The basic principle is: if an app's traffic could possibly go over a Loading @@ -1109,7 +1092,7 @@ public class ConnectivityService extends IConnectivityManager.Stub HashMap<Network, NetworkCapabilities> result = new HashMap<Network, NetworkCapabilities>(); HashMap<Network, NetworkCapabilities> result = new HashMap<Network, NetworkCapabilities>(); NetworkAgentInfo nai = getDefaultNetwork(); NetworkAgentInfo nai = getDefaultNetwork(); NetworkCapabilities nc = getNetworkCapabilitiesAndValidation(getDefaultNetwork()); NetworkCapabilities nc = getNetworkCapabilitiesInternal(nai); if (nc != null) { if (nc != null) { result.put(nai.network, nc); result.put(nai.network, nc); } } Loading @@ -1122,9 +1105,9 @@ public class ConnectivityService extends IConnectivityManager.Stub if (networks != null) { if (networks != null) { for (Network network : networks) { for (Network network : networks) { nai = getNetworkAgentInfoForNetwork(network); nai = getNetworkAgentInfoForNetwork(network); nc = getNetworkCapabilitiesAndValidation(nai); nc = getNetworkCapabilitiesInternal(nai); if (nc != null) { if (nc != null) { result.put(nai.network, nc); result.put(network, nc); } } } } } } Loading Loading @@ -1184,24 +1167,23 @@ public class ConnectivityService extends IConnectivityManager.Stub return null; return null; } } @Override private NetworkCapabilities getNetworkCapabilitiesInternal(NetworkAgentInfo nai) { public NetworkCapabilities getNetworkCapabilities(Network network) { enforceAccessPermission(); NetworkAgentInfo nai = getNetworkAgentInfoForNetwork(network); if (nai != null) { if (nai != null) { synchronized (nai) { synchronized (nai) { NetworkCapabilities nc = new NetworkCapabilities(nai.networkCapabilities); if (nai.networkCapabilities != null) { if (nai.lastValidated) { return new NetworkCapabilities(nai.networkCapabilities); nc.addCapability(NET_CAPABILITY_VALIDATED); } else { nc.removeCapability(NET_CAPABILITY_VALIDATED); } } return nc; } } } } return null; return null; } } @Override public NetworkCapabilities getNetworkCapabilities(Network network) { enforceAccessPermission(); return getNetworkCapabilitiesInternal(getNetworkAgentInfoForNetwork(network)); } @Override @Override public NetworkState[] getAllNetworkState() { public NetworkState[] getAllNetworkState() { // Require internal since we're handing out IMSI details // Require internal since we're handing out IMSI details Loading Loading @@ -1966,11 +1948,14 @@ public class ConnectivityService extends IConnectivityManager.Stub } } case NetworkMonitor.EVENT_NETWORK_TESTED: { case NetworkMonitor.EVENT_NETWORK_TESTED: { NetworkAgentInfo nai = (NetworkAgentInfo)msg.obj; NetworkAgentInfo nai = (NetworkAgentInfo)msg.obj; if (isLiveNetworkAgent(nai, "EVENT_NETWORK_VALIDATED")) { if (isLiveNetworkAgent(nai, "EVENT_NETWORK_TESTED")) { boolean valid = (msg.arg1 == NetworkMonitor.NETWORK_TEST_RESULT_VALID); final boolean valid = (msg.arg1 == NetworkMonitor.NETWORK_TEST_RESULT_VALID); final boolean validationChanged = (valid != nai.lastValidated); nai.lastValidated = valid; nai.lastValidated = valid; if (valid) { if (valid) { if (DBG) log("Validated " + nai.name()); if (DBG) log("Validated " + nai.name()); nai.networkCapabilities.addCapability(NET_CAPABILITY_VALIDATED); if (!nai.everValidated) { if (!nai.everValidated) { nai.everValidated = true; nai.everValidated = true; rematchNetworkAndRequests(nai, NascentState.JUST_VALIDATED, rematchNetworkAndRequests(nai, NascentState.JUST_VALIDATED, Loading @@ -1978,6 +1963,8 @@ public class ConnectivityService extends IConnectivityManager.Stub // If score has changed, rebroadcast to NetworkFactories. b/17726566 // If score has changed, rebroadcast to NetworkFactories. b/17726566 sendUpdatedScoreToFactories(nai); sendUpdatedScoreToFactories(nai); } } } else { nai.networkCapabilities.removeCapability(NET_CAPABILITY_VALIDATED); } } updateInetCondition(nai); updateInetCondition(nai); // Let the NetworkAgent know the state of its network // Let the NetworkAgent know the state of its network Loading @@ -1986,8 +1973,9 @@ public class ConnectivityService extends IConnectivityManager.Stub (valid ? NetworkAgent.VALID_NETWORK : NetworkAgent.INVALID_NETWORK), (valid ? NetworkAgent.VALID_NETWORK : NetworkAgent.INVALID_NETWORK), 0, null); 0, null); // TODO: trigger a NetworkCapabilities update so that the dialog can know if (validationChanged) { // that the network is now validated and close itself. notifyNetworkCallbacks(nai, ConnectivityManager.CALLBACK_CAP_CHANGED); } } } break; break; } } Loading Loading @@ -3569,8 +3557,7 @@ public class ConnectivityService extends IConnectivityManager.Stub } } private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities) { private void enforceNetworkRequestPermissions(NetworkCapabilities networkCapabilities) { if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_RESTRICTED) == false) { == false) { enforceConnectivityInternalPermission(); enforceConnectivityInternalPermission(); } else { } else { enforceChangePermission(); enforceChangePermission(); Loading @@ -3597,8 +3584,7 @@ public class ConnectivityService extends IConnectivityManager.Stub private void enforceMeteredApnPolicy(NetworkCapabilities networkCapabilities) { private void enforceMeteredApnPolicy(NetworkCapabilities networkCapabilities) { // if UID is restricted, don't allow them to bring up metered APNs // if UID is restricted, don't allow them to bring up metered APNs if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED) if (networkCapabilities.hasCapability(NET_CAPABILITY_NOT_METERED) == false) { == false) { final int uidRules; final int uidRules; final int uid = Binder.getCallingUid(); final int uid = Binder.getCallingUid(); synchronized(mRulesLock) { synchronized(mRulesLock) { Loading Loading @@ -3969,6 +3955,11 @@ public class ConnectivityService extends IConnectivityManager.Stub synchronized (networkAgent) { synchronized (networkAgent) { networkAgent.networkCapabilities = networkCapabilities; networkAgent.networkCapabilities = networkCapabilities; } } if (networkAgent.lastValidated) { networkAgent.networkCapabilities.addCapability(NET_CAPABILITY_VALIDATED); // There's no need to remove the capability if we think the network is unvalidated, // because NetworkAgents don't set the validated capability. } rematchAllNetworksAndRequests(networkAgent, networkAgent.getCurrentScore()); rematchAllNetworksAndRequests(networkAgent, networkAgent.getCurrentScore()); notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_CAP_CHANGED); notifyNetworkCallbacks(networkAgent, ConnectivityManager.CALLBACK_CAP_CHANGED); } } Loading
