Merge "Fix LingerMonitor notification rate limiting"
diff --git a/services/core/java/com/android/server/connectivity/Nat464Xlat.java b/services/core/java/com/android/server/connectivity/Nat464Xlat.java
index f96f6e8..6596d27 100644
--- a/services/core/java/com/android/server/connectivity/Nat464Xlat.java
+++ b/services/core/java/com/android/server/connectivity/Nat464Xlat.java
@@ -94,7 +94,7 @@
final boolean hasIPv4Address =
(nai.linkProperties != null) && nai.linkProperties.hasIPv4Address();
final boolean skip464xlat =
- (nai.networkMisc != null) && nai.networkMisc.skip464xlat;
+ (nai.netMisc() != null) && nai.netMisc().skip464xlat;
return supported && connected && !hasIPv4Address && !skip464xlat;
}
diff --git a/services/core/java/com/android/server/connectivity/NetworkAgentInfo.java b/services/core/java/com/android/server/connectivity/NetworkAgentInfo.java
index 505480e..262184b 100644
--- a/services/core/java/com/android/server/connectivity/NetworkAgentInfo.java
+++ b/services/core/java/com/android/server/connectivity/NetworkAgentInfo.java
@@ -266,6 +266,10 @@
return mConnService;
}
+ public NetworkMisc netMisc() {
+ return networkMisc;
+ }
+
public Handler handler() {
return mHandler;
}
diff --git a/services/core/java/com/android/server/connectivity/PermissionMonitor.java b/services/core/java/com/android/server/connectivity/PermissionMonitor.java
index 7b8571c..94c94a5 100644
--- a/services/core/java/com/android/server/connectivity/PermissionMonitor.java
+++ b/services/core/java/com/android/server/connectivity/PermissionMonitor.java
@@ -23,6 +23,8 @@
import static android.content.pm.ApplicationInfo.FLAG_SYSTEM;
import static android.content.pm.ApplicationInfo.FLAG_UPDATED_SYSTEM_APP;
import static android.content.pm.PackageManager.GET_PERMISSIONS;
+import static android.os.Process.INVALID_UID;
+import static android.os.Process.SYSTEM_UID;
import android.annotation.NonNull;
import android.content.BroadcastReceiver;
@@ -64,6 +66,7 @@
private static final boolean DBG = true;
private static final Boolean SYSTEM = Boolean.TRUE;
private static final Boolean NETWORK = Boolean.FALSE;
+ private static final int VERSION_Q = Build.VERSION_CODES.Q;
private final Context mContext;
private final PackageManager mPackageManager;
@@ -87,7 +90,7 @@
public void onReceive(Context context, Intent intent) {
String action = intent.getAction();
int user = intent.getIntExtra(Intent.EXTRA_USER_HANDLE, UserHandle.USER_NULL);
- int appUid = intent.getIntExtra(Intent.EXTRA_UID, -1);
+ int appUid = intent.getIntExtra(Intent.EXTRA_UID, INVALID_UID);
Uri appData = intent.getData();
String appName = appData != null ? appData.getSchemeSpecificPart() : null;
@@ -127,7 +130,7 @@
}
for (PackageInfo app : apps) {
- int uid = app.applicationInfo != null ? app.applicationInfo.uid : -1;
+ int uid = app.applicationInfo != null ? app.applicationInfo.uid : INVALID_UID;
if (uid < 0) {
continue;
}
@@ -162,6 +165,11 @@
}
@VisibleForTesting
+ protected int getDeviceFirstSdkInt() {
+ return Build.VERSION.FIRST_SDK_INT;
+ }
+
+ @VisibleForTesting
boolean hasPermission(PackageInfo app, String permission) {
if (app.requestedPermissions != null) {
for (String p : app.requestedPermissions) {
@@ -180,10 +188,17 @@
private boolean hasRestrictedNetworkPermission(PackageInfo app) {
// TODO : remove this check in the future(b/31479477). All apps should just
// request the appropriate permission for their use case since android Q.
- if (app.applicationInfo != null
- && app.applicationInfo.targetSdkVersion < Build.VERSION_CODES.Q
- && isVendorApp(app.applicationInfo)) {
- return true;
+ if (app.applicationInfo != null) {
+ // Backward compatibility for b/114245686, on devices that launched before Q daemons
+ // and apps running as the system UID are exempted from this check.
+ if (app.applicationInfo.uid == SYSTEM_UID && getDeviceFirstSdkInt() < VERSION_Q) {
+ return true;
+ }
+
+ if (app.applicationInfo.targetSdkVersion < VERSION_Q
+ && isVendorApp(app.applicationInfo)) {
+ return true;
+ }
}
return hasPermission(app, CONNECTIVITY_INTERNAL)
|| hasPermission(app, CONNECTIVITY_USE_RESTRICTED_NETWORKS);
diff --git a/tests/net/java/com/android/server/connectivity/Nat464XlatTest.java b/tests/net/java/com/android/server/connectivity/Nat464XlatTest.java
index dfe31bd..bf42412 100644
--- a/tests/net/java/com/android/server/connectivity/Nat464XlatTest.java
+++ b/tests/net/java/com/android/server/connectivity/Nat464XlatTest.java
@@ -31,6 +31,7 @@
import android.net.LinkAddress;
import android.net.LinkProperties;
import android.net.NetworkInfo;
+import android.net.NetworkMisc;
import android.os.Handler;
import android.os.INetworkManagementService;
import android.os.test.TestLooper;
@@ -55,6 +56,7 @@
static final LinkAddress ADDR = new LinkAddress("192.0.2.5/29");
@Mock ConnectivityService mConnectivity;
+ @Mock NetworkMisc mMisc;
@Mock INetworkManagementService mNms;
@Mock InterfaceConfiguration mConfig;
@Mock NetworkAgentInfo mNai;
@@ -78,6 +80,7 @@
mNai.networkInfo = new NetworkInfo(null);
mNai.networkInfo.setType(ConnectivityManager.TYPE_WIFI);
when(mNai.connService()).thenReturn(mConnectivity);
+ when(mNai.netMisc()).thenReturn(mMisc);
when(mNai.handler()).thenReturn(mHandler);
when(mNms.getInterfaceConfig(eq(STACKED_IFACE))).thenReturn(mConfig);
@@ -103,9 +106,16 @@
mNai.networkInfo.setType(type);
for (NetworkInfo.DetailedState state : supportedDetailedStates) {
mNai.networkInfo.setDetailedState(state, "reason", "extraInfo");
- assertTrue(
- String.format("requiresClat expected for type=%d state=%s", type, state),
- Nat464Xlat.requiresClat(mNai));
+ String msg = String.format("requiresClat expected for type=%d state=%s",
+ type, state);
+
+ mMisc.skip464xlat = true;
+ String errorMsg = msg + String.format(" skip464xlat=%b", mMisc.skip464xlat);
+ assertFalse(errorMsg, Nat464Xlat.requiresClat(mNai));
+
+ mMisc.skip464xlat = false;
+ errorMsg = msg + String.format(" skip464xlat=%b", mMisc.skip464xlat);
+ assertTrue(errorMsg, Nat464Xlat.requiresClat(mNai));
}
}
}
diff --git a/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java b/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java
index 4dc63f2..af7123b 100644
--- a/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java
+++ b/tests/net/java/com/android/server/connectivity/PermissionMonitorTest.java
@@ -25,11 +25,14 @@
import static android.content.pm.ApplicationInfo.PRIVATE_FLAG_PRODUCT;
import static android.content.pm.ApplicationInfo.PRIVATE_FLAG_VENDOR;
import static android.content.pm.PackageManager.GET_PERMISSIONS;
+import static android.os.Process.SYSTEM_UID;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertTrue;
import static org.mockito.Mockito.anyInt;
+import static org.mockito.Mockito.doReturn;
import static org.mockito.Mockito.eq;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
import android.content.Context;
@@ -55,6 +58,8 @@
private static final String PARTITION_OEM = "oem";
private static final String PARTITION_PRODUCT = "product";
private static final String PARTITION_VENDOR = "vendor";
+ private static final int VERSION_P = Build.VERSION_CODES.P;
+ private static final int VERSION_Q = Build.VERSION_CODES.Q;
@Mock private Context mContext;
@Mock private PackageManager mPackageManager;
@@ -65,16 +70,18 @@
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
when(mContext.getPackageManager()).thenReturn(mPackageManager);
- when(mPackageManager.getPackagesForUid(MOCK_UID)).thenReturn(MOCK_PACKAGE_NAMES);
- mPermissionMonitor = new PermissionMonitor(mContext, null);
+ when(mPackageManager.getPackagesForUid(anyInt())).thenReturn(MOCK_PACKAGE_NAMES);
+ mPermissionMonitor = spy(new PermissionMonitor(mContext, null));
}
- private void expectPermission(String[] permissions, String partition,
- int targetSdkVersion) throws Exception {
- final PackageInfo packageInfo = packageInfoWithPermissions(permissions, partition);
+ private boolean hasBgPermission(String partition, int targetSdkVersion, int uid,
+ String... permission) throws Exception {
+ final PackageInfo packageInfo = packageInfoWithPermissions(permission, partition);
packageInfo.applicationInfo.targetSdkVersion = targetSdkVersion;
+ packageInfo.applicationInfo.uid = uid;
when(mPackageManager.getPackageInfoAsUser(
eq(MOCK_PACKAGE_NAMES[0]), eq(GET_PERMISSIONS), anyInt())).thenReturn(packageInfo);
+ return mPermissionMonitor.hasUseBackgroundNetworksPermission(uid);
}
private PackageInfo packageInfoWithPermissions(String[] permissions, String partition) {
@@ -136,51 +143,44 @@
@Test
public void testHasUseBackgroundNetworksPermission() throws Exception {
- expectPermission(new String[] { CHANGE_NETWORK_STATE },
- PARTITION_SYSTEM, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { NETWORK_STACK }, PARTITION_SYSTEM, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CONNECTIVITY_INTERNAL },
- PARTITION_SYSTEM, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CONNECTIVITY_USE_RESTRICTED_NETWORKS },
- PARTITION_SYSTEM, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
+ assertFalse(hasBgPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID, CHANGE_NETWORK_STATE));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID, NETWORK_STACK));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID, CONNECTIVITY_INTERNAL));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS));
+ assertFalse(hasBgPermission(PARTITION_SYSTEM, VERSION_P, MOCK_UID, CHANGE_WIFI_STATE));
- expectPermission(new String[] { CHANGE_NETWORK_STATE },
- PARTITION_VENDOR, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { NETWORK_STACK },
- PARTITION_VENDOR, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CONNECTIVITY_INTERNAL },
- PARTITION_VENDOR, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CONNECTIVITY_USE_RESTRICTED_NETWORKS },
- PARTITION_VENDOR, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
+ assertFalse(hasBgPermission(PARTITION_SYSTEM, VERSION_Q, MOCK_UID));
+ assertFalse(hasBgPermission(PARTITION_SYSTEM, VERSION_Q, MOCK_UID, CHANGE_WIFI_STATE));
+ }
- expectPermission(new String[] {}, PARTITION_SYSTEM, Build.VERSION_CODES.P);
- assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CHANGE_WIFI_STATE },
- PARTITION_SYSTEM, Build.VERSION_CODES.P);
- assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] {}, PARTITION_VENDOR, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CHANGE_WIFI_STATE },
- PARTITION_VENDOR, Build.VERSION_CODES.P);
- assertTrue(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
+ @Test
+ public void testHasUseBackgroundNetworksPermissionSystemUid() throws Exception {
+ doReturn(VERSION_P).when(mPermissionMonitor).getDeviceFirstSdkInt();
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, SYSTEM_UID));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, SYSTEM_UID, CHANGE_WIFI_STATE));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_P, SYSTEM_UID,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS));
- expectPermission(new String[] {}, PARTITION_SYSTEM, Build.VERSION_CODES.Q);
- assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CHANGE_WIFI_STATE },
- PARTITION_SYSTEM, Build.VERSION_CODES.Q);
- assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] {}, PARTITION_VENDOR, Build.VERSION_CODES.Q);
- assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
- expectPermission(new String[] { CHANGE_WIFI_STATE },
- PARTITION_VENDOR, Build.VERSION_CODES.Q);
- assertFalse(mPermissionMonitor.hasUseBackgroundNetworksPermission(MOCK_UID));
+ doReturn(VERSION_Q).when(mPermissionMonitor).getDeviceFirstSdkInt();
+ assertFalse(hasBgPermission(PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID));
+ assertFalse(hasBgPermission(PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID, CHANGE_WIFI_STATE));
+ assertTrue(hasBgPermission(PARTITION_SYSTEM, VERSION_Q, SYSTEM_UID,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS));
+ }
+
+ @Test
+ public void testHasUseBackgroundNetworksPermissionVendorApp() throws Exception {
+ assertTrue(hasBgPermission(PARTITION_VENDOR, VERSION_P, MOCK_UID));
+ assertTrue(hasBgPermission(PARTITION_VENDOR, VERSION_P, MOCK_UID, CHANGE_NETWORK_STATE));
+ assertTrue(hasBgPermission(PARTITION_VENDOR, VERSION_P, MOCK_UID, NETWORK_STACK));
+ assertTrue(hasBgPermission(PARTITION_VENDOR, VERSION_P, MOCK_UID, CONNECTIVITY_INTERNAL));
+ assertTrue(hasBgPermission(PARTITION_VENDOR, VERSION_P, MOCK_UID,
+ CONNECTIVITY_USE_RESTRICTED_NETWORKS));
+ assertTrue(hasBgPermission(PARTITION_VENDOR, VERSION_P, MOCK_UID, CHANGE_WIFI_STATE));
+
+ assertFalse(hasBgPermission(PARTITION_VENDOR, VERSION_Q, MOCK_UID));
+ assertFalse(hasBgPermission(PARTITION_VENDOR, VERSION_Q, MOCK_UID, CHANGE_WIFI_STATE));
}
}