Merge changes Ia5022310,Ia4529d08

import static android.net.vcn.VcnManager.VCN_STATUS_CODE_INACTIVE;

import static android.net.vcn.VcnManager.VCN_STATUS_CODE_NOT_CONFIGURED;

import static android.net.vcn.VcnManager.VCN_STATUS_CODE_SAFE_MODE;

import static android.telephony.SubscriptionManager.isValidSubscriptionId;

import static com.android.server.vcn.TelephonySubscriptionTracker.TelephonySubscriptionSnapshot;

import static com.android.server.vcn.TelephonySubscriptionTracker.TelephonySubscriptionTrackerCallback;

    @VisibleForTesting(visibility = Visibility.PRIVATE)

    static final String VCN_CONFIG_FILE = "/data/system/vcn/configs.xml";

    // TODO(b/176956496): Directly use CarrierServiceBindHelper.UNBIND_DELAY_MILLIS

    @VisibleForTesting(visibility = Visibility.PRIVATE)

    static final long CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS = TimeUnit.SECONDS.toMillis(30);

    /* Binder context for this service */

    @NonNull private final Context mContext;

    @NonNull private final Dependencies mDeps;

    /** Notifies the VcnManagementService that external dependencies can be set up. */

    public void systemReady() {

        // Always run on the handler thread to ensure consistency.

        mHandler.post(() -> {

            mNetworkProvider.register();

            mContext.getSystemService(ConnectivityManager.class)

                    .registerNetworkCallback(

                            new NetworkRequest.Builder().clearCapabilities().build(),

                            mTrackingNetworkCallback);

            mTelephonySubscriptionTracker.register();

        });

    }

    private void enforcePrimaryUser() {

                        if (!mVcns.containsKey(subGrp)) {

                            startVcnLocked(subGrp, entry.getValue());

                        }

                        // Cancel any scheduled teardowns for active subscriptions

                        mHandler.removeCallbacksAndMessages(mVcns.get(subGrp));

                    }

                }

                // Schedule teardown of any VCN instances that have lost carrier privileges (after a

                // delay)

                // Schedule teardown of any VCN instances that have lost carrier privileges

                for (Entry<ParcelUuid, Vcn> entry : mVcns.entrySet()) {

                    final ParcelUuid subGrp = entry.getKey();

                    final VcnConfig config = mConfigs.get(subGrp);

                    final boolean isActiveSubGrp = isActiveSubGroup(subGrp, snapshot);

                    final boolean isValidActiveDataSubIdNotInVcnSubGrp =

                            isValidSubscriptionId(snapshot.getActiveDataSubscriptionId())

                                    && !isActiveSubGroup(subGrp, snapshot);

                    // TODO(b/193687515): Support multiple VCNs active at the same time

                    if (config == null

                        final ParcelUuid uuidToTeardown = subGrp;

                        final Vcn instanceToTeardown = entry.getValue();

                        // TODO(b/193687515): Support multiple VCNs active at the same time

                        // If directly switching to a subscription not in the current group,

                        // teardown immediately to prevent other subscription's network from being

                        // outscored by the VCN. Otherwise, teardown after a delay to ensure that

                        // SIM profile switches do not trigger the VCN to cycle.

                        final long teardownDelayMs =

                                isValidActiveDataSubIdNotInVcnSubGrp

                                        ? 0

                                        : CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS;

                        mHandler.postDelayed(() -> {

                            synchronized (mLock) {

                                // Guard against case where this is run after a old instance was

                                // torn down, and a new instance was started. Verify to ensure

                                // correct instance is torn down. This could happen as a result of a

                                // Carrier App manually removing/adding a VcnConfig.

                                if (mVcns.get(uuidToTeardown) == instanceToTeardown) {

                        stopVcnLocked(uuidToTeardown);

                        // TODO(b/181789060): invoke asynchronously after Vcn notifies

                        // through VcnCallback

                        notifyAllPermissionedStatusCallbacksLocked(

                                uuidToTeardown, VCN_STATUS_CODE_INACTIVE);

                                }

                            }

                        }, instanceToTeardown, teardownDelayMs);

                    } else {

                        // If this VCN's status has not changed, update it with the new snapshot

                        entry.getValue().updateSubscriptionSnapshot(mLastSnapshot);

import static android.telephony.CarrierConfigManager.EXTRA_SUBSCRIPTION_INDEX;

import static android.telephony.SubscriptionManager.INVALID_SIM_SLOT_INDEX;

import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID;

import static android.telephony.TelephonyManager.ACTION_MULTI_SIM_CONFIG_CHANGED;

import android.annotation.NonNull;

import android.annotation.Nullable;

import android.telephony.SubscriptionManager.OnSubscriptionsChangedListener;

import android.telephony.TelephonyCallback;

import android.telephony.TelephonyManager;

import android.telephony.TelephonyManager.CarrierPrivilegesListener;

import android.util.ArrayMap;

import android.util.ArraySet;

import android.util.Slog;

import com.android.internal.annotations.VisibleForTesting;

import com.android.internal.annotations.VisibleForTesting.Visibility;

import com.android.internal.util.IndentingPrintWriter;

import java.util.ArrayList;

import java.util.Collections;

import java.util.HashMap;

import java.util.Iterator;

import java.util.List;

import java.util.Map;

import java.util.Map.Entry;

    @NonNull private final Map<Integer, Integer> mReadySubIdsBySlotId = new HashMap<>();

    @NonNull private final OnSubscriptionsChangedListener mSubscriptionChangedListener;

    @NonNull

    private final List<CarrierPrivilegesListener> mCarrierPrivilegesChangedListeners =

            new ArrayList<>();

    @NonNull private TelephonySubscriptionSnapshot mCurrentSnapshot;

    public TelephonySubscriptionTracker(

                };

    }

    /** Registers the receivers, and starts tracking subscriptions. */

    /**

     * Registers the receivers, and starts tracking subscriptions.

     *

     * <p>Must always be run on the VcnManagementService thread.

     */

    public void register() {

        final HandlerExecutor executor = new HandlerExecutor(mHandler);

        final IntentFilter filter = new IntentFilter();

        filter.addAction(ACTION_CARRIER_CONFIG_CHANGED);

        filter.addAction(ACTION_MULTI_SIM_CONFIG_CHANGED);

        mContext.registerReceiver(

                this, new IntentFilter(ACTION_CARRIER_CONFIG_CHANGED), null, mHandler);

        mContext.registerReceiver(this, filter, null, mHandler);

        mSubscriptionManager.addOnSubscriptionsChangedListener(

                executor, mSubscriptionChangedListener);

        mTelephonyManager.registerTelephonyCallback(executor, mActiveDataSubIdListener);

        registerCarrierPrivilegesListeners();

    }

    /** Unregisters the receivers, and stops tracking subscriptions. */

    private void registerCarrierPrivilegesListeners() {

        final HandlerExecutor executor = new HandlerExecutor(mHandler);

        final int modemCount = mTelephonyManager.getActiveModemCount();

        try {

            for (int i = 0; i < modemCount; i++) {

                CarrierPrivilegesListener carrierPrivilegesListener =

                        new CarrierPrivilegesListener() {

                            @Override

                            public void onCarrierPrivilegesChanged(

                                    @NonNull List<String> privilegedPackageNames,

                                    @NonNull int[] privilegedUids) {

                                // Re-trigger the synchronous check (which is also very cheap due

                                // to caching in CarrierPrivilegesTracker). This allows consistency

                                // with the onSubscriptionsChangedListener and broadcasts.

                                handleSubscriptionsChanged();

                            }

                        };

                mTelephonyManager.addCarrierPrivilegesListener(

                        i, executor, carrierPrivilegesListener);

                mCarrierPrivilegesChangedListeners.add(carrierPrivilegesListener);

            }

        } catch (IllegalArgumentException e) {

            Slog.wtf(TAG, "Encounted exception registering carrier privileges listeners", e);

        }

    }

    /**

     * Unregisters the receivers, and stops tracking subscriptions.

     *

     * <p>Must always be run on the VcnManagementService thread.

     */

    public void unregister() {

        mContext.unregisterReceiver(this);

        mSubscriptionManager.removeOnSubscriptionsChangedListener(mSubscriptionChangedListener);

        mTelephonyManager.unregisterTelephonyCallback(mActiveDataSubIdListener);

        unregisterCarrierPrivilegesListeners();

    }

    private void unregisterCarrierPrivilegesListeners() {

        for (CarrierPrivilegesListener carrierPrivilegesListener :

                mCarrierPrivilegesChangedListeners) {

            mTelephonyManager.removeCarrierPrivilegesListener(carrierPrivilegesListener);

        }

        mCarrierPrivilegesChangedListeners.clear();

    }

    /**

            // group.

            if (subInfo.getSimSlotIndex() != INVALID_SIM_SLOT_INDEX

                    && mReadySubIdsBySlotId.values().contains(subInfo.getSubscriptionId())) {

                // TODO (b/172619301): Cache based on callbacks from CarrierPrivilegesTracker

                final TelephonyManager subIdSpecificTelephonyManager =

                        mTelephonyManager.createForSubscriptionId(subInfo.getSubscriptionId());

     */

    @Override

    public void onReceive(Context context, Intent intent) {

        // Accept sticky broadcasts; if CARRIER_CONFIG_CHANGED was previously broadcast and it

        // already was for an identified carrier, we can stop waiting for initial load to complete

        if (!ACTION_CARRIER_CONFIG_CHANGED.equals(intent.getAction())) {

            return;

        switch (intent.getAction()) {

            case ACTION_CARRIER_CONFIG_CHANGED:

                handleActionCarrierConfigChanged(context, intent);

                break;

            case ACTION_MULTI_SIM_CONFIG_CHANGED:

                handleActionMultiSimConfigChanged(context, intent);

                break;

            default:

                Slog.v(TAG, "Unknown intent received with action: " + intent.getAction());

        }

    }

    private void handleActionMultiSimConfigChanged(Context context, Intent intent) {

        unregisterCarrierPrivilegesListeners();

        // Clear invalid slotIds from the mReadySubIdsBySlotId map.

        final int modemCount = mTelephonyManager.getActiveModemCount();

        final Iterator<Integer> slotIdIterator = mReadySubIdsBySlotId.keySet().iterator();

        while (slotIdIterator.hasNext()) {

            final int slotId = slotIdIterator.next();

            if (slotId >= modemCount) {

                slotIdIterator.remove();

            }

        }

        registerCarrierPrivilegesListeners();

        handleSubscriptionsChanged();

    }

    private void handleActionCarrierConfigChanged(Context context, Intent intent) {

        // Accept sticky broadcasts; if CARRIER_CONFIG_CHANGED was previously broadcast and it

        // already was for an identified carrier, we can stop waiting for initial load to complete

        final int subId = intent.getIntExtra(EXTRA_SUBSCRIPTION_INDEX, INVALID_SUBSCRIPTION_ID);

        final int slotId = intent.getIntExtra(EXTRA_SLOT_INDEX, INVALID_SIM_SLOT_INDEX);

import static android.net.NetworkCapabilities.TRANSPORT_WIFI;

import static android.net.vcn.VcnManager.VCN_STATUS_CODE_ACTIVE;

import static android.net.vcn.VcnManager.VCN_STATUS_CODE_SAFE_MODE;

import static android.telephony.SubscriptionManager.INVALID_SUBSCRIPTION_ID;

import static android.telephony.TelephonyManager.CARRIER_PRIVILEGE_STATUS_HAS_ACCESS;

import static android.telephony.TelephonyManager.CARRIER_PRIVILEGE_STATUS_NO_ACCESS;

    @Test

    public void testSystemReady() throws Exception {

        mVcnMgmtSvc.systemReady();

        mTestLooper.dispatchAll();

        verify(mConnMgr).registerNetworkProvider(any(VcnNetworkProvider.class));

        verify(mSubscriptionTracker).register();

        mVcnMgmtSvc.addVcnUnderlyingNetworkPolicyListener(mMockPolicyListener);

        triggerSubscriptionTrackerCbAndGetSnapshot(null, Collections.emptySet());

        // Verify teardown after delay

        mTestLooper.moveTimeForward(VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS);

        mTestLooper.dispatchAll();

        verify(vcn).teardownAsynchronously();

        verify(mMockPolicyListener).onPolicyChanged();

    }

        assertEquals(0, mVcnMgmtSvc.getAllVcns().size());

    }

    /**

     * Tests an intermediate state where carrier privileges are marked as lost before active data

     * subId changes during a SIM ejection.

     *

     * <p>The expected outcome is that the VCN is torn down after a delay, as opposed to

     * immediately.

     */

    @Test

    public void testTelephonyNetworkTrackerCallbackLostCarrierPrivilegesBeforeActiveDataSubChanges()

            throws Exception {

        setupActiveSubscription(TEST_UUID_2);

        final TelephonySubscriptionTrackerCallback cb = getTelephonySubscriptionTrackerCallback();

        final Vcn vcn = startAndGetVcnInstance(TEST_UUID_2);

        // Simulate privileges lost

        triggerSubscriptionTrackerCbAndGetSnapshot(

                TEST_SUBSCRIPTION_ID,

                TEST_UUID_2,

                Collections.emptySet(),

                Collections.emptyMap(),

                false /* hasCarrierPrivileges */);

        // Verify teardown after delay

        mTestLooper.moveTimeForward(VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS);

        mTestLooper.dispatchAll();

        verify(vcn).teardownAsynchronously();

    }

    @Test

    public void testTelephonyNetworkTrackerCallbackSimSwitchesDoNotKillVcnInstances()

            throws Exception {

        setupActiveSubscription(TEST_UUID_2);

        final TelephonySubscriptionTrackerCallback cb = getTelephonySubscriptionTrackerCallback();

        final Vcn vcn = startAndGetVcnInstance(TEST_UUID_2);

        // Simulate SIM unloaded

        triggerSubscriptionTrackerCbAndGetSnapshot(

                INVALID_SUBSCRIPTION_ID,

                null /* activeDataSubscriptionGroup */,

                Collections.emptySet(),

                Collections.emptyMap(),

                false /* hasCarrierPrivileges */);

        // Simulate new SIM loaded right during teardown delay.

        mTestLooper.moveTimeForward(

                VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS / 2);

        mTestLooper.dispatchAll();

        triggerSubscriptionTrackerCbAndGetSnapshot(TEST_UUID_2, Collections.singleton(TEST_UUID_2));

        // Verify that even after the full timeout duration, the VCN instance is not torn down

        mTestLooper.moveTimeForward(VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS);

        mTestLooper.dispatchAll();

        verify(vcn, never()).teardownAsynchronously();

    }

    @Test

    public void testTelephonyNetworkTrackerCallbackDoesNotKillNewVcnInstances() throws Exception {

        setupActiveSubscription(TEST_UUID_2);

        final TelephonySubscriptionTrackerCallback cb = getTelephonySubscriptionTrackerCallback();

        final Vcn oldInstance = startAndGetVcnInstance(TEST_UUID_2);

        // Simulate SIM unloaded

        triggerSubscriptionTrackerCbAndGetSnapshot(null, Collections.emptySet());

        // Config cleared, SIM reloaded & config re-added right before teardown delay, staring new

        // vcnInstance.

        mTestLooper.moveTimeForward(

                VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS / 2);

        mTestLooper.dispatchAll();

        mVcnMgmtSvc.clearVcnConfig(TEST_UUID_2, TEST_PACKAGE_NAME);

        triggerSubscriptionTrackerCbAndGetSnapshot(TEST_UUID_2, Collections.singleton(TEST_UUID_2));

        final Vcn newInstance = startAndGetVcnInstance(TEST_UUID_2);

        // Verify that new instance was different, and the old one was torn down

        assertTrue(oldInstance != newInstance);

        verify(oldInstance).teardownAsynchronously();

        // Verify that even after the full timeout duration, the new VCN instance is not torn down

        mTestLooper.moveTimeForward(VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS);

        mTestLooper.dispatchAll();

        verify(newInstance, never()).teardownAsynchronously();

    }

    @Test

    public void testPackageChangeListenerRegistered() throws Exception {

        verify(mMockContext).registerReceiver(any(BroadcastReceiver.class), argThat(filter -> {

    private void setupSubscriptionAndStartVcn(

            int subId, ParcelUuid subGrp, boolean isVcnActive, boolean hasCarrierPrivileges) {

        mVcnMgmtSvc.systemReady();

        mTestLooper.dispatchAll();

        triggerSubscriptionTrackerCbAndGetSnapshot(

                subGrp,

                Collections.singleton(subGrp),

    private void setupTrackedCarrierWifiNetwork(NetworkCapabilities caps) {

        mVcnMgmtSvc.systemReady();

        mTestLooper.dispatchAll();

        final ArgumentCaptor<NetworkCallback> captor =

                ArgumentCaptor.forClass(NetworkCallback.class);

                true /* isActive */,

                true /* hasCarrierPrivileges */);

        // VCN is currently active. Lose carrier privileges for TEST_PACKAGE and hit teardown

        // timeout so the VCN goes inactive.

        // VCN is currently active. Lose carrier privileges for TEST_PACKAGE so the VCN goes

        // inactive.

        final TelephonySubscriptionSnapshot snapshot =

                triggerSubscriptionTrackerCbAndGetSnapshot(

                        TEST_UUID_1,

                        Collections.singleton(TEST_UUID_1),

                        Collections.singletonMap(TEST_SUBSCRIPTION_ID, TEST_UUID_1),

                        false /* hasCarrierPrivileges */);

        mTestLooper.moveTimeForward(VcnManagementService.CARRIER_PRIVILEGES_LOST_TEARDOWN_DELAY_MS);

        mTestLooper.dispatchAll();

        // Giving TEST_PACKAGE privileges again will restart the VCN (which will indicate ACTIVE